Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 16 submissions in the queue.

HTTPS Defects in Dozens of Android Apps Expose User Passwords

posted by LaminatorX on Monday June 22 2015, @02:30AM   Printer-friendly
from the opposite-day dept.

darkfeline writes:

http://arstechnica.com/security/2015/06/game-over-https-defects-in-dozens-of-android-apps-expose-user-passwords/

Many Android apps in the Google App store do not properly use HTTPS for logins, thus exposing user passwords.

Original Submission

 
This discussion has been archived. No new comments can be posted.
HTTPS Defects in Dozens of Android Apps Expose User Passwords | Log In/Create an Account | Top | 25 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Interesting) by Anonymous Coward on Monday June 22 2015, @07:22AM

    by Anonymous Coward on Monday June 22 2015, @07:22AM (#199310)

    That's completely stupid proposal.

    Such a line is an almost certain hint that the one who writes that line is the stupid one.

    What standards?

    Sure, because nobody has ever been able to develop a standard about anything.

    Who enforces them?

    Who enforces the standards about the electric grid? Who enforces the standards about railways? Who enforces the standards concerning building codes?

    If Microsoft fixes a bug that then causes other software to fail because they understood that as a feature, then what?

    Did Microsoft document that to be a feature? No? Then on what basis did the programmer of the other software consider it a feature?

    That's of course assuming that Microsoft fulfilled its documentation duties which would also be part of those standards. That is, the interface has to completely specified. And of course Microsoft has then the duty to only rely on the specified interface also for its own software.

    Starting Score:    0  points
    Moderation   +3  
       Interesting=2, Touché=1, Total=3
    Extra 'Interesting' Modifier   0  
    Total Score:   3  

  • (Score: 0) by Anonymous Coward on Monday June 22 2015, @02:07PM

    by Anonymous Coward on Monday June 22 2015, @02:07PM (#199413)

    Such a line is an almost certain hint that the one who writes that line is the stupid one.

    You stated this as a statistical fact, and yet I don't see you citing any studies. There are plenty of stupid proposals being suggested out that, so I don't see where you get this.

    Sure, because nobody has ever been able to develop a standard about anything.

    I wouldn't say that it's impossible to develop a standard, but it isn't a good idea. You're going to increase the cost of developing software immensely, and even with a FLOSS exception, there are little guys who develop and sell their own software (probably learning to code while doing so) that probably couldn't meet these standards. And they probably develop unimportant phone apps, too.

    • (Score: 0) by Anonymous Coward on Tuesday June 23 2015, @08:38AM

      by Anonymous Coward on Tuesday June 23 2015, @08:38AM (#199788)

      there are little guys who develop and sell their own software (probably learning to code while doing so)

      If you are still learning to code, you shouldn't sell the stuff you wrote, period.