GolfGTIforum.co.uk
General => General discussion => Topic started by: Jay on 05 October 2011, 09:19
-
http://www.androidpolice.com/2011/10/01/massive-security-vulnerability-in-htc-android-devices-evo-3d-4g-thunderbolt-others-exposes-phone-numbers-gps-sms-emails-addresses-much-more/
Enjoy Apple fan boi's.
-
What i was saying the other day regarding banks staying away from android
-
why is this issue only in the htc and not other android phones? :undecided:
-
What i was saying the other day regarding banks staying away from android
You really want to do this Android is less secure than iOS bollocks? :huh:
http://www.cvedetails.com/product/15556/Apple-Iphone-Os.html?vendor_id=49
http://www.cvedetails.com/vendor/9513/Android.html
http://www.cvedetails.com/vendor/6823/HTC.html
http://www.cvedetails.com/vendor/822/Samsung.html
How'd you like them Apples? :rolleyes:
why is this issue only in the htc and not other android phones? :undecided:
It's HTC's implementation of Android, just because it's Android does not mean it's the same for all OEM's or even devices from the same OEM. There will be a fix soon, if not just whack cyanogen mod on it.
-
so what were saying here is that the sgs2 is def the best.. :rolleyes: :grin:
-
so what were saying here is that the sgs2 is def the best.. :rolleyes: :grin:
That is true!
My S2 is awesome, although i only use it to play Drag Racing!
-
Shep, What ever device/OS you prefer :cool:
They all have their ups and downs, my boss has been watching loads of GS2 videos as his replacement 3GS has worse reception in the same places than his last 3GS which packed up and wouldn't power on at all, just after loosing reception. All he wants is a smartphone that has good reception! :grin: GS2 looks very nice compared to some of the other devices out there!
I posted this because DH reminded me about it and I was going to post it but forgot as I don't have the effected HTC devices.
-
What i was saying the other day regarding banks staying away from android
You really want to do this Android is less secure than iOS nuts? :huh:
http://www.cvedetails.com/product/15556/Apple-Iphone-Os.html?vendor_id=49
http://www.cvedetails.com/vendor/9513/Android.html
http://www.cvedetails.com/vendor/6823/HTC.html
http://www.cvedetails.com/vendor/822/Samsung.html
How'd you like them Apples? :rolleyes:
why is this issue only in the htc and not other android phones? :undecided:
It's HTC's implementation of Android, just because it's Android does not mean it's the same for all OEM's or even devices from the same OEM. There will be a fix soon, if not just whack cyanogen mod on it.
Im not saying IOS is flawless. I am saying that Android is ported to all types of phones through all types of guises, this means it can not be launched securely and leads to issues on various handsets. This instance is key to my point. A huge gaping flaw in the OS which puts off companies like banks creating apps for it.
-
Yet most banks just have a website that works well on any mobile device or PC or Laptop.... Hence the real reason for not creating an App... which isn't needed.
-
In your defensiveness you are missing my point. Android will always be at risk due to the inconsistencies that exist through its selling technique. Putting an OS on phones with huge variations of hardware means it will always have issues.
Gingerbread on one phone is different to Gingerbread on another, coupled with an open market place there will always be problems. Banks are merely an example.
This is not an apple vs android point, its a point that shows android has flaws and will continue to.
-
In your defensiveness you are missing my point. Android will always be at risk due to the inconsistencies that exist through its selling technique. Putting an OS on phones with huge variations of hardware means it will always have issues.
I totally got your point.
Didn't seem to stop a whole lot of people building apps for PCs, which they still do.
The problem is the concept that an 'app' is needed to access services such as banking.
What's wrong with browsers? There's already a complete security model around HTTPS data transfer, coupled with PITA second factor devices currently being handed out by banks like HSBC.
The whole BS app thing has become part of the commercialisation of the web - companies wanting to take you off the web, into their third party environments, just using the internet as a transfer medium. The app circus isn't necessary in a lot of examples and it stinks like sh*t.
If people could pull away from thinking they need endless apps they might see they should just need a browser for a lot of stuff.
ANY device will be at risk. Apple lock theirs down and make it usable by any idiot. They also control the whole buying eco-system. It's just a big money making machine for a big web company. If you want to let them own your whole online experience go for it. I'd rather take the risk of using a spread of providers who don't have a monopoly on my life.
-
I have always jailbroken so im not fussed that apple lock it down.
Apps provide quicker features and more usability. I have apps which i have password locked on my phone, i dont with my browser as i use it so much and would become annoying. On my phone the browser is slow to load and if not on 3G the page is even slower due to the crap that loads with it. On an app the data is faster, more accesible and easier to read.
-
On my phone the browser is slow to load and if not on 3G the page is even slower due to the crap that loads with it. On an app the data is faster, more accesible and easier to read.
I don't think apps get 'accelerated data' do they?
Surely once you've been to a website and the files are cached the browser will be just as fast, if not faster as it's had more effort put in to optimise it, than a propietary app?
-
Of course the average user know how to do this.......no
The average user knows how to use an app though. No it doesnt have acclerated data, but it loads less and requires less processing power than a browser with several pages in use loading adverts etc etc
-
Of course the average user know how to do this.......no
How to do what? I'm confused. Browser caching just works.
The average user knows how to use an app though. No it doesnt have acclerated data, but it loads less and requires less processing power than a browser with several pages in use loading adverts etc etc
My bank's webpages don't have any adverts and I can shortcut straight to the login page easily.
The pages don't change much, so I will have the images all cached after the first visit.
The 'average user' generally knows how to use a browser - it's something they've been doing for years. Creating apps to do things a browser can do is just a waste of dev time.
The browser only takes up more space if it's in use for several pages. As before - browsers have had a lot of development put into them, by large teams. An app is more likely to have security holes because it won't have had the same concerted, long term development effort, delivered by a large team.
The only reason for the proliferation of apps for fatuous applications is because the marketing department loves saying 'we've gotta have an app for that'. It's often not needed. What's needed is a website based on responsive design principles.
-
Of course the average user know how to do this.......no
How to do what? I'm confused. Browser caching just works.
The average user knows how to use an app though. No it doesnt have acclerated data, but it loads less and requires less processing power than a browser with several pages in use loading adverts etc etc
My bank's webpages don't have any adverts and I can shortcut straight to the login page easily.
The pages don't change much, so I will have the images all cached after the first visit.
The 'average user' generally knows how to use a browser - it's something they've been doing for years. Creating apps to do things a browser can do is just a waste of dev time.
The browser only takes up more space if it's in use for several pages. As before - browsers have had a lot of development put into them, by large teams. An app is more likely to have security holes because it won't have had the same concerted, long term development effort, delivered by a large team.
The only reason for the proliferation of apps for fatuous applications is because the marketing department loves saying 'we've gotta have an app for that'. It's often not needed. What's needed is a website based on responsive design principles.
I dont think you are viewing it from a normal perspective. No we dont need apps, yes you can just go to a website. The average uses does 'want' an app and the average user wants the business they are using to provide one. What people need and what they want are very different things mate.
-
I dont think you are viewing it from a normal perspective. No we dont need apps, yes you can just go to a website. The average uses does 'want' an app and the average user wants the business they are using to provide one. What people need and what they want are very different things mate.
Wants and needs are down to education mostly.
People need educating that they can access their bank's online banking on their phone in a browser rather than needing a totally unnecessary app which will be no faster (as you were trying to make out) and more likely to have security vulnerabilities on any platform.
There are no 'average users'. There are just people and most people can be educated. Who educates them shapes what they want and need. If you let marketing educate them then they'll want all sorts of mis-guided things.
Don't address me as mate, it's over-bearing and patronising, neither of which I take well from a nipper like you.
-
Seeing as i can use phrases i like on a public forum, as long as they are not generaly deemed abusive, i will continue to thanks mate.
Anyway mate, as i was saying. An app is faster than a browser. Open your browser (fesh, not while multitasking) and go to your bank, enter details etc etc
Open an app, enter details, done mate. You see what i mean?
Any way mate, apps will continue to dominate over other forms of use as they are simple and quick.
Cheers mate
-
An app is faster than a browser. Open your browser (fesh, not while multitasking) and go to your bank, enter details etc etc
Open an app, enter details, done mate. You see what i mean?
I don't have an app for my bank, nipper.
It would be no faster than using a browser, little boy.
You would probably need to log in for an app, or a browser session, so there's no advantage there.
Banks tend to be quite twitchy about the security of sessions left open without regular validation, whatever the connection method. It's not like mobile phones have a fixed IP (which could be spoofed anyway). This is why banks are starting to use two-factor authentication. You can't get an app for that.
There's about an extra click involved in getting to the login page using a browser. Is it really worth massive investment to remove that one click? I doubt it. In fact here's what Barclays has to say on the subject:
Our Mobile banking service works on all major mobile phone brands, including Apple iPhone, Samsung, Sony Ericsson, HTC and Nokia
By the looks of it Natwest are using someone else's app (always confidence building) and there are a lot of other whining numpties asking why other banks aren't doing an iPhone app.
Possibly because they realise a browser is more secure than a third party app, but you probably know better than them, right nipper?
-
Possibly because they realise a browser is more secure than a third party app, but you probably know better than them, right nipper?
Exactly, though on IOS the app could be made secure due to the OS being the same through every iPhone, unlike android which has too many variants......finally!
Oh and i actually have no issue with names such as nipper, i dont get upset from a name :lipsrsealed:
-
How does having so many variants of Android pose as a problem? :undecided:
-
Possibly because they realise a browser is more secure than a third party app, but you probably know better than them, right nipper?
Exactly, though on IOS the app could be made secure due to the OS being the same through every iPhone, unlike android which has too many variants......finally!
Finally what? Why is the 'one OS to rule them all' attitude so much better than many variants? Where does that leave people who've 'jail-broken' their phones? Surely that's an unauthorised and insecure variant outside the eco-system already? Using an app the traffic can still get hijacked en-route.... and we're back at 2-factor and secure certificates again.
Banks seem to be able to handle multiple variants of browsers... just like multiple Android variants with multiple variants of browsers.... but then there's a proven security model for these silly old browsers, so let's invent the wheel again just so we can do our banking on an app. :grin:
Oh and i actually have no issue with names such as nipper, i dont get upset from a name
You don't seem to understand the issues being discussed here, because it seems you lack education and experience in this area. Being told you're wrong by someone who clearly doesn't understand the subject is insulting. You're insulting me. I don't like being insulted by a little boy, especially not one who's trying to be condescending and superior at the same time.
-
lol a little boy who seemingly is doing much better in life than yourself. Just think how much i will know at your age! :lipsrsealed:
I work in this industry, i work for a large investment bank, said investment bank owns a highstreet branch which i know to be making an app. I also know that said app has been trouble developing for android due to problems with the varied OS throughout different phones.
I am not trying to stick up for an OS like you. I am telling you something and you, being older, believe you know more. You do not :grin:
Thanks for the lulz :laugh:
-
So your to blame for the economical crisis...you cu^t :lipsrsealed: :grin: :wink:
-
I can add a bookmark on my homepage to my bank login screen which would be quicker than an app.
-
Why would you want to do that? You have a Jesus phone and you have apps to do everything and anything??
-
You can. What he doesnt seem to understand, as he is so blinded by me calling him mate, that i dont disagree im just saying he is wrong. Using a browser is very easy. But if a bank can get 60p for an app which seemingly makes people life's easier then they will. They will not do this with android as of yet due to security issues, as highlighted by this thread.
-
No, I'm not wrong and you don't understand the security issues. Explain how iPhone apps handle the security as handled in browsers by the SSL certificate model. The issue is the same with Android as it is for iPhone. There is no difference.
lol a little boy who seemingly is doing much better in life than yourself.
H'mmm, I own two houses, have a lovely wife, two children and a good job in IT, which it takes me about 10 minutes to cycle to in clean air every day.
You have an S3 and a job in banking, probably with a crappy commute.
Feels to me like, on my metrics that you're just doing OK. Maybe you should wind in the arrogance a little, unless you're just another typical Aldi driver?
I work alongside developers delivering e-commerce platforms and mobile apps for a wide range of businesses.
You know someone in another company owned by the one you work for is developing an app and is wrestling with the security issues, which are already looked after in a browser. They're doing it because 'marketing' told them to. :grin:
No wonder your knowledge is so shonky, you're just a little cog in the wheel. What do you do, support desktops?
Your whole arguement about apps is unsound.
The 'lulz' are on you, nipper.
(http://www.northloop.co.uk/forum/images/smilies/loser.gif)
-
Are you just plain f@cking stupid Jules?
iOS has had MORE vulnerabilites than base Android AND HTC's AND Samsung's versions put together!
You are just a f@cking moron! :laugh:
I've tried to be nice, but you are making yourself look even worse with each reply! :grin:
Read those links I gave earlier again.
-
You can. What he doesnt seem to understand, as he is so blinded by me calling him mate, that i dont disagree im just saying he is wrong. Using a browser is very easy. But if a bank can get 60p for an app which seemingly makes people life's easier then they will. They will not do this with android as of yet due to security issues, as highlighted by this thread.
or because most people with android don't/wouldn't pay for an app especially one which does something I can do for free.
-
:laugh:
Of course, the money they are ploughing into it to ensure they pick a safe OS is all wasted. Ill tell em to call you and Jay when i go in tomorrow. Hey you could could send them some links Jay :lipsrsealed:
The apps being developed in house, its not outsourced. The safest IOS to maintain the app currently is IOS and Mango. The android version is being made with ice cream sandwhich but has had issues as it will not work properly on some other phones.
I have a mortgage, no kids luckily, soon to be fiancée and an S3 all at 25. I have a Job in IT in an investment bank, not a high street bank.
How old are you again? :grin:
-
Let's repeat the earlier question, because all you're now able to do is tell us how great you are and how much our lives suck.
Yet you're unable to provide anything to support your arguement about apps being such a great thing.
...you don't understand the security issues. Explain how iPhone apps handle the security as handled in browsers by the SSL certificate model.
So come on then.
I'd also like to know where jail-broken iPhones stand in this, as their security model is broken, too.
You're not answering any questions, just coming across as a self-satisfied empty vessel.
-
I have a mortgage, no kids luckily, soon to be fiancée and an S3 all at 25. I have a Job in IT in an investment bank, not a high street bank.
Well done, here'd a medal for ya!
(http://www.polishmedals.co.uk/images/tnPolishSovietWarMedal.jpg)
-
I have a mortgage, no kids luckily, soon to be fiancée and an S3 all at 25. I have a Job in IT in an investment bank, not a high street bank.
Well done, here'd a medal for ya!
(http://www.polishmedals.co.uk/images/tnPolishSovietWarMedal.jpg)
You will need a spare one for diamond hell. He owns two houses!! (though on the isle of wight probably so doesnt count as they are so cheap lol)
I dont work with the team developing the app, im friends with a contractor working with them. I discuss things at work with him about the job. He (who is not an iPhone user) has been telling me about the issues they have been facing regarding android and the fact it differs so widely from phone to phone with even the same OS version.
You are sounding like a bitter old man!
-
So research by security professionals is null and void is it? Riiiight :rolleyes:
All because some f@ck wits can't use an SDK, that's apparently, for an OS that has not been release yet? Riiiiiight :rolleyes:
They obviously are a bit thick, much like yourself. Tell them to look into the Fragment API and Compatibility package releases some time ago for the SDK, it will cover 97% of Android devices without a hitch, f@ck the 3% which are most likely doing to be low end devices and/or Cheap Chinese devices. I'll be happy to school them if they want to pay may daily consultancy rate :afro:
You've had a job in IT for all of 5 minutes that you only got because you know someone, not because you are knowledgeable and now you know all there is to know about everything in IT? Riiiiiight :rolleyes:
Now answer some real questions, that you understand, not from what dipsh!t dev has told you about in passing conversation.
-
So research by security professionals is null and void is it? Riiiight :rolleyes:
All because some f@ck wits can't use an SDK, that's apparently, for an OS that has not been release yet? Riiiiiight :rolleyes:
They obviously are a bit thick, much like yourself. Tell them to look into the Fragment API and Compatibility package releases some time ago for the SDK, it will cover 97% of Android devices without a hitch, f@ck the 3% which are most likely doing to be low end devices and/or Cheap Chinese devices. I'll be happy to school them if they want to pay may daily consultancy rate :afro:
You've had a job in IT for all of 5 minutes that you only got because you know someone, not because you are knowledgeable and now you know all there is to know about everything in IT? Riiiiiight :rolleyes:
Now answer some real questions, that you understand, not from what dipsh!t dev has told you about in passing conversation.
I text him. Will have to see if he replies, he can view this without signing in cant he?
I got the IT job by working my arse off, after someone got me in at the bottom, and showing my knowledge was good. I was subsequently promoted and then again to where i am now. Hopefully i will keep going.
Im telling you what is happening, via a company that has a huge sum of money at its disposal, regarding Android. Android fans got angry and defensive.
Whether you think you are right is irrelevant. They have found that, currently, android is not viable to launch the app on. This is due to the security and varying OS. I have not asked about the jailbreak issue with IOS, so im not sure. I know the Windows phone version has been fine so far also.
It is amusing just how riled you both have become, with little effort from myself. Lucky you both have life changing points to put across, otherwise you would seem quite sad......oh wait :lipsrsealed:
-
Better that we have a point to put across, rather than you who hasn't answered any questions so far, just crowed about how superior you are.
after someone got me in the bottom
:grin:
-
Better that we have a point to put across, rather than you who hasn't answered any questions so far, just crowed about how superior you are.
after someone got me in the bottom
:grin:
How did you do that? Thats not what i wrote yet it appeared as something else :undecided: :rolleyes:
I have answered you to a point. Im not going to tell you things that my company will not want you to know. Not hard for someone to figure out who im talking about etc etc and i like my job more than showing you up unfortunately.
Dont be so hypocritical either, being the older and wiser person you shouldn't have needed to show everyone you have two houses etc :wink:
-
I have answered you to a point. Im not going to tell you things that my company will not want you to know. Not hard for someone to figure out who im talking about etc etc and i like my job more than showing you up unfortunately.
No, you haven't at all. I'm not asking for anything your company 'will not want me to know'.
There is no equivilent to the globally accepted SSL Certificate used in HTTP-land.
This is what is used in ecommerce and banking, either in 128 or 256bit flavour.
Dont be so hypocritical either, being the older and wiser person you shouldn't have needed to show everyone you have two houses etc
What? You got your enormous job in an investment bank out and started swinging it about, telling the rest of us how inferior we are. Of course I'm going to tell you to stick it back in your way-too-tight trousers and tell you to wind your proverbial neck back in.
A slap around the cocky chops never hurt anyone and you're no different.
-
(http://www.mynokian900.com/wp-content/uploads/2011/08/the-end.jpg)