04-16-11 01:17 AM
60 123
tools
  1. baan's Avatar
    wow! this is cool! can't wait for my playbook and then to get this app! and as far as email and security is concerned, it doesn't matter who makes the app or even if it is third party. As long as I get my stuff from app world I know RIM has verified it and it has passed all their tests.

    bashing a .com is so not called for!
    04-15-11 10:01 AM
  2. mandony's Avatar
    wow! this is cool! can't wait for my playbook and then to get this app!
    Why buy? As a BB owner, when you have your BB and PB you can access email through the 'bridge' ANYWHERE, even without this app. No WIFI is required.
    04-15-11 10:44 AM
  3. JRSCCivic98's Avatar
    I would SURE hope that RIM will check any submitted apps in terms of security. In fact I'm sure they do. There's a reason why they aren't just going to allow Android apps to install from the Android App store. Instead they're vetting the apps, probably to make sure that malware won't ever make it onto the PlayBook. I wouldn't know why else they'd have this whole resubmitting procedure.

    Note that I totally agree that installing something from a 3rd party source (as in: somewhere else than from BB AppWorld) is a BAD idea.
    They actually don't. There were a number of apps and I think still are on AppWorld that have SPAM coding burried in them. JaradCo was the company that made them. There have been several posts about this a few weeks ago and CB actually took down their apps from their own store I think.
    04-15-11 11:53 AM
  4. JRSCCivic98's Avatar
    Hey, look at all the .pk people who registered just to defend the app.

    And honestly, I could care less where you're from. You could be in a garage in my own country and I wouldn't trust an app coming from you. The concern was voiced and is valid BASED ON YOUR TRUSTWORTHY POPULARITY, not your nationality or race or color or sexual orientation for that matter. I don't see enough credible information out there that's easy to find from you guys, so it holds as a valid concern. There's a lot of neferious stealing of data happening behind the scenes via apps on both PCs and mobile devices. People should be made aware of such risks.

    Also, Mike, your example of sniffing out the packets and seeing where they go. That's all nice and good if the app was written to always behave the same. What happens if the coder is smart enough to build in a trigger that only starts sending data after the app was installed for several days? Or what if it works by the coder triggering a remote command to the app before it sends the data. Guess what, in those cases, the app traffic would look normal until said time and the people testing it initially would think it's fine and use it... until it was too late.

    Ya, that's right, I think outside of the box... because I know how the smart ones think.
    04-15-11 12:09 PM
  5. mikeheinz's Avatar
    Hey, look at all the .pk people who registered just to defend the app.

    And honestly, I could care less where you're from.
    Wow! You really are on a race/nationality crusade. It's funny that you roll your eyes and say you "could care less" about where people are from while bringing up someone's location as the very first line in your response. I don't know about the vendor's credibility, but this sort of behaviour doesn't do much for your own.

    coming from you. The concern was voiced and is valid BASED ON YOUR TRUSTWORTHY POPULARITY, not your nationality or race or color or sexual orientation for that matter. I don't see enough credible information out there
    I am a new user here and may not have much "trustworthy popularity", but I think readers with a moderate degree of intelligence can read the arguments presented and come to the conclusion that based on the standard of trust you propose, we should perhaps wait for all applications to be certified by your intelligence agency of choice before we install them on our phones. Microsoft has perhaps been responsible for more system compromises than any international vendor. And OS X was hacked for root access within minutes at a recent hackathon. So I am assuming you are using an OS of your own construction that comforts your security paranoia? Do you rail against Apple and MSFT too, by the way, or does their west coast address contribute in changing the facts?

    People should be made aware of such risks.
    In my previous response I already said, if security is your concern that's fine. We can discuss that logically. But you have repeatedly brought in nationality and location as the core element of your argument. Two of your posts have started off with the flimsy ".pk" line of FUD. Have you ever considered that if someone wanted to mask their location they could register a .com address for $11 a year? And they could prevent you from doing a whois on their record for another $20/year? How's that for "out of the box"

    Also, Mike, your example of sniffing out the packets and seeing where they go. That's all nice and good if the app was written to always behave the same. What happens if the coder is smart enough to build in a trigger that only starts sending data after the app was installed for several days? Or what if it works by the coder triggering a remote command to the app before it sends the data. Guess what, in those cases, the app traffic would look normal until said time and the people testing it initially would think it's fine and use it... until it was too late.

    Ya, that's right, I think outside of the box... because I know how the smart ones think.
    My turn to roll eyes...

    If your self congratulatory conclusion about knowing how the "smart ones think" were true, you would also know that there are numerous ways in which to discover a TCP or UDP socket initiation signature (or other form of outbound access) with a binary scanner, regardless of whether such initiation is time-delayed, along with the socket destination. You would also know that security testing routinely involves system time adjustments to find time-triggered easter eggs.

    Anyway, there doesn't appear to be much point in actually have a discussion concerning security because apparently your inclination to wave hands and respond with "ooo noooo, .pk!!" is a tad too strong.

    Cheers and hope you have the opportunity to travel a bit more and enjoy the world. It has a lot to offer.
    Last edited by mikeheinz; 04-15-11 at 09:38 PM.
    04-15-11 09:21 PM
  6. baan's Avatar
    Why buy? As a BB owner, when you have your BB and PB you can access email through the 'bridge' ANYWHERE, even without this app. No WIFI is required.
    That is the best way. I'm talking about people who won't have a BB. Time to grow the community via the playbook I believe.

    Posted from my CrackBerry at wapforums.crackberry.com
    04-15-11 11:30 PM
  7. baan's Avatar
    Hey, look at all the .pk people who registered just to defend the app.

    And honestly, I could care less where you're from. You could be in a garage in my own country and I wouldn't trust an app coming from you. The concern was voiced and is valid BASED ON YOUR TRUSTWORTHY POPULARITY, not your nationality or race or color or sexual orientation for that matter. I don't see enough credible information out there that's easy to find from you guys, so it holds as a valid concern. There's a lot of neferious stealing of data happening behind the scenes via apps on both PCs and mobile devices. People should be made aware of such risks.

    Also, Mike, your example of sniffing out the packets and seeing where they go. That's all nice and good if the app was written to always behave the same. What happens if the coder is smart enough to build in a trigger that only starts sending data after the app was installed for several days? Or what if it works by the coder triggering a remote command to the app before it sends the data. Guess what, in those cases, the app traffic would look normal until said time and the people testing it initially would think it's fine and use it... until it was too late.

    Ya, that's right, I think outside of the box... because I know how the smart ones think.
    Are you smoking something while constructing your "logical" arguments or are you on Steve jobs payroll?

    Posted from my CrackBerry at wapforums.crackberry.com
    04-15-11 11:32 PM
  8. JRSCCivic98's Avatar
    Mike, your registration day was yesterday. You're only here to defend against what was said in this thread. Doesn't really matter anyway and like I said, hidden code can be in anything from anyone. Safe or unsafe, the point of my initial post still stands and people who posted in the thread agree with it. I honestly don't care if you agree with it or not, but if you're trying to defend your product, you're taking the wrong path already. People here can criticize anything they want to. People can form whatever opinion they want. People can share viewpoints as well.
    04-16-11 12:41 AM
  9. TheMarco's Avatar
    They actually don't. There were a number of apps and I think still are on AppWorld that have SPAM coding burried in them. JaradCo was the company that made them. There have been several posts about this a few weeks ago and CB actually took down their apps from their own store I think.
    Wow that is SERIOUSLY disturbing. It makes me wonder what the **** they are thinking at RIM. I know for sure that Apple and Palm/HP check for malicious stuff in apps. RIM should too, especially since they have a reputation to uphold related to being the most secure platform out there.

    If I were an executive at RIM and I'd hear about malicious apps making it into AppWorld ... ****... some employees would be in trouble.
    04-16-11 01:04 AM
  10. mikeheinz's Avatar
    Mike, your registration day was yesterday. You're only here to defend against what was said in this thread. Doesn't really matter anyway and like I said, hidden code can be in anything from anyone. Safe or unsafe, the point of my initial post still stands and people who posted in the thread agree with it. I honestly don't care if you agree with it or not, but if you're trying to defend your product, you're taking the wrong path already. People here can criticize anything they want to. People can form whatever opinion they want. People can share viewpoints as well.
    This is not my product. Do you get a kick out of blindly accusing and insinuating? Apparently the answer is a resounding yes.

    I don't give two hoots about your opinion, JRSCCivic98. But I do resent discriminatory posts based on no factual information other than someone's nationality or race.

    Are you familiar with one of the core tenets of most civilized societies, "Innocent until proven guilty". You can choose to live your life with reverse assumptions if that brightens your day. To each his own.
    04-16-11 01:17 AM
60 123
LINK TO POST COPIED TO CLIPBOARD