Related
I'd be grateful if someone in the know would clue me in:
Stock Android, I believe since 2.0, has supported multiple Exchange sync accounts (at least for email sync, and probably contacts). Running the
Android emulator on the desktop, I can configure as many accounts as I please.
However... I just took delivery of a Samsung Fascinate (Verizon) and as hard as I try, I can't make it configure a second account (it dumps me into the 'edit' UI for the first account when I ask to create a second one).
So I tried an HTC Incredible that we have here. Same behavior !
Yet, when I Google search 'samsung galaxy s multiple exchange accounts', I find a bunch of people claiming to be using multiple accounts.
What's up with this? Am I just not doing the setup correctly, or did Samsung remove this capability from the devices recently ?
I also figured I could install the stock Android email app as a workaround, but that doesn't exactly seem to be a 'one-click' process. K-9 has no ActiveSync support, so that isn't useful.
Can't speak for anyone else, but I have yet to see any Android phone that supports multiple Exchange accounts out of the box. That's one of the reasons I bought Touchdown, as it supports multiple Exchange profiles. Of course, only one of them can be active at a time, but if I needed to have two accounts active simultaneously, I could use Touchdown for one, and the stock email app for the other. Oh, and just FYI, I didn't mean for this to become a Touchdown advertisement. ^^;
Sent from my SCH-I500 using XDA App
Actually, I have a Touchdown license so this is a good plan.
Presumably the situation is this : stock Android supports multiple accounts but none of the device vendor skins do, yet. Correct ? (and it isn't possible to manifest the stock Android behavior side-by-side with the vendor skin).
I was just coming in here to ask this question. I would like a way to get multiple exchange accounts too. Since it was supported in 2.0 on up i think we should be able to get this to work. Unless Samsung messed this up for us.
Hmm, I thought Sammy left the stock Android email app on the Fascinate, but it looks as though they modified it just enough to cripple it. :-(
Sent from my SCH-I500 using XDA App
There are actually good reasons NOT to do this. Corporate IT admins have massive problems with this, and because Google/Sammy/etc. are actually TRYING to work with corporate IT... you end up with this.
Outlook doesn't allow it either, nor does any other mail program which respects Activesync conventions.
It has to do with security... and compartmentalization.
The Droid X and the Droid supported 2nd Exchange accounts.
I'm sorry, but I disagree that this is a security issue. They are completely disparate accounts, and this functionality should be stock on all Android phones.
That said, the Samsung client is the worst of all of them, and Touchdown is the best option, IMHO.
Gurm said:
There are actually good reasons NOT to do this. Corporate IT admins have massive problems with this, and because Google/Sammy/etc. are actually TRYING to work with corporate IT... you end up with this.
Outlook doesn't allow it either, nor does any other mail program which respects Activesync conventions.
It has to do with security... and compartmentalization.
Click to expand...
Click to collapse
Oh, really? That's interesting. I work on the helpdesk for an IT company that hosts Exchange servers (and much more) for dozens of clients, including numerous medical and financial institutions (i.e. security is a significant concern), and I have never heard about any such security issue. Please explain to me how being able to setup multiple Exchange accounts on a single device is such a huge security concern, and include links to references if possible, as I may want to present the information at our security meeting, which I'm actually attending tomorrow. No joke, that's my job, and I am on the security team.
Btw, Microsoft themselves eliminated the single Exchange account limitation with Outlook 2010. It's still not unlimited, but you can now have three Exchange accounts per Outlook profile. Oh, and did I mention that iOS 4 now also supports multiple Exchange accounts per device? So yeah, if you have any links to share about these alleged security nightmares, feel free to enlighten me.
Sent from my SCH-I500 using XDA App
8notime said:
That said, the Samsung client is the worst of all of them, and Touchdown is the best option, IMHO.
Click to expand...
Click to collapse
While I tend to agree with you, I'd like to point out that I haven't seen any issues with actually reliably syncing with an Exchange server with the Fascinate, whereas the mail client on the original Droid was plagued with bugs, and while it improved later on, one of the more recent post-Froyo patches broke the ability to sync with Exchange 2010 (which has since been fixed).
Also, if I remember correctly, the helpdesk I work on got a bunch of calls from clients who bought the Droid X when it first came out, because it couldn't sync with Exchange 2003, which was a pretty serious bug. Motorola had apparently tested it thoroughly with Exchange 2007 and 2010, but never with 2003. It was so bad that they were giving away licenses for Touchdown for free to anyone that complained, until they were able to issue a patch for it.
Anyway, no mail client is perfect, and all have their pros and cons. Which stock one is better or worse depends on whether the features that don't work right matter to you or not. Me, I'll stick with Touchdown, which basically mops the floor with the stock mail clients, just in sheer volume of features alone.
Sent from my SCH-I500 using XDA App
IOS 4, android 2.* and up and WP7 all support multiple exchange accounts. Unfortunatley Samsung messed this up for us.
I wonder if there is a way to pull the AOSP e-mail.apk and try that? Or if there would be another way around this.
Since someone got a little cranky I will elaborate on the security problem.
The issue is largely one of partition. Let me paint a scenario...
I am government contractor x. I provide you with exchange on your phone. Your phone very helpfully merges all your data together. That violates my policies. Additionally, your android device doesn't respect remote wipe, remote lock, or security policy for disclaimers, password complexity, etc.
But the biggest issue is that the exchange data isn't self-contained.
If the phone, client, or whatever provides partitioning of the data then multiple accounts becomes a possibility.
Essentially I as an exchange admin don't want some other company's mail cross pollinating with mine. And because my company is in Massachusetts, it's actually a violation of state law at this point to let our emails into someone else's system.
Outlook 2010 supports separate cache files, contact lists, and all other data... So it can do multiple accounts. The iphone doesn't, and neither does droid.
I love my android phone, but I cannot let the end users have them, because we can't secure thee data. Full stop.
Sent from my SCH-I500 using XDA App
And yes, ios 4 and some iterations of droid do allow this, but not in s way that is kosher with either microsoft or your mail admins.
Sent from my SCH-I500 using XDA App
Hehe, I wasn't cranky. I just wanted some additional info to back up a rather vague, blanket statement about data security. I could go on to discuss security issues, but it looks like your concerns exist at a much higher level. If the Android platform as a whole is too insecure for you to allow, then whether or not a phone supports multiple Exchange accounts is irrelevant. That being the case, I won't draw this on much longer, as it's beginning to drift off topic.
Based on what you've listed as your security requirements, I believe Touchdown actually has a strong enough feature set to safely allow Android devices to work in your environment. It supports a healthy set of Exchange security policies, namely remote wipe, PIN/password policies, and complete data encryption (it even encrypts the data it stores on the SD card), and since it only allows one account per profile, and all data is contained within the application itself, and not mixed on the phone, the partition requirement is met. Plus, you can deploy a template that dictates desired config settings for the app, and locks them down to prevent users from changing them. Oh, and don't forget the added benefit of standardization, in that you would only have a single email app to support, regardless of which Android device end users have. The only real down side is the added cost, as it's extra software to buy. And for those wondering, no, I do NOT work for NitroDesk, the makers of Touchdown.
I apologize if I'm still failing to understand any of your points in all this. I do have an interest in security topics like this, and while I'm not completely ignorant, I'm by no means an expert either, not by a long shot. If you'd like to discuss this any further, feel free to PM me, so we don't get any further off topic in this thread. Thanks!
Gurm said:
Essentially I as an exchange admin don't want some other company's mail cross pollinating with mine. And because my company is in Massachusetts, it's actually a violation of state law at this point to let our emails into someone else's system.
Click to expand...
Click to collapse
I have never in my life heard of this happening, nor is there any proof that it's technically possible. I get the whole concept of all data being on the same partition, but cross pollination? They are totally different accounts, with their own data stores.
If a companies security policy is this strict, they probably shouldn't have any phone connecting to their network, unless they have a device management tool in place that prohibits installation of any 3rd party apps unless they install them themselves. Oh and they should probably remove the camera too, if they're a government contractor with this much security in place.
I don't think the Fascinate was designed for a company like this.
Just to throw in my 2 cents. A division of the company i work for engineers nuclear plants and because of the strict government regulations only blackberries are permited because other platforms are not secure enough.
Sent from my SCH-I500 using XDA App
8notime said:
I have never in my life heard of this happening, nor is there any proof that it's technically possible. I get the whole concept of all data being on the same partition, but cross pollination? They are totally different accounts, with their own data stores.
Click to expand...
Click to collapse
Really? Your contact list isn't comprised of all the contacts from all the accounts? Do you keep strict track of which little yellow "new mail" envelope you've just pulled down? It can't happen? Think again.
If a companies security policy is this strict, they probably shouldn't have any phone connecting to their network, unless they have a device management tool in place that prohibits installation of any 3rd party apps unless they install them themselves. Oh and they should probably remove the camera too, if they're a government contractor with this much security in place.
Click to expand...
Click to collapse
Yup. Guess why Blackberries are still the biggest corporate device? For exactly this reason. Why is there always a Blackberry variant with no camera? BINGO.
I don't think the Fascinate was designed for a company like this.
Click to expand...
Click to collapse
No Droid or iPhone was.
Then why are we even having this conversation? We're talking about the Fascinate.
Also, we were talking about email, not contacts. Emails are stored in entirely different data stores. I don't have 1 giant inbox with emails from both accounts. They are totally separated.
8notime said:
Then why are we even having this conversation? We're talking about the Fascinate.
Also, we were talking about email, not contacts. Emails are stored in entirely different data stores. I don't have 1 giant inbox with emails from both accounts. They are totally separated.
Click to expand...
Click to collapse
Because Exchange isn't POP or IMAP. It's an entire comm system. It's not just mail, it's contacts and calendar and notes and public folders and a half dozen other things.
If you just want to sync the contents of two Exchange inboxes, sure there's no TECHNICAL reason you can't. But that's not how Exchange WORKS, typically. I'm sure you could write a client that does that, but as yet folks haven't.
You can go in and uncheck to sync the calendar and contacts, but new "events" will still arrive and have to be thrown out by the client. Essentially you would need to write MORE code to NOT have the entire system than you would to HAVE it.
I'm sorry but that isn't true. Like I said earlier, I was able to add more than one Exchange account - contacts, calendar, and email - on both my Droid and Droid X. One Exchange account for work, and the other a personal account through a hosted Exchange provider. There was no "cross pollination" between either account, and each had a completely separate inbox/data stores. So not only is it technically possible, the functionality is also available for use. Also, as a security professional, I think there are other real security concerns/vulnerabilities to focus on, than something that has never been proven to be one.
8notime said:
I'm sorry but that isn't true. Like I said earlier, I was able to add more than one Exchange account - contacts, calendar, and email - on both my Droid and Droid X. One Exchange account for work, and the other a personal account through a hosted Exchange provider. There was no "cross pollination" between either account, and each had a completely separate inbox/data stores. So not only is it technically possible, the functionality is also available for use. Also, as a security professional, I think there are other real security concerns/vulnerabilities to focus on, than something that has never been proven to be one.
Click to expand...
Click to collapse
I understand that you have done it before. I've done it too on an iPhone. My point is that the capability to do so is not something that comes pre-cooked in an Exchange client. MS didn't do it until recently themselves. Given that a lot of the stuff in the Fascinate is pre-2.1 due to Samsung's pidgin kernel (really a 1.5 or 1.6 kernel hacked up for 2.1, from what I've read on here) I'm not at all surprised that functionality only recently available is missing.
Like I said - it takes more code to do it than not to do it... don't hold your breath for it from Samsung, although anything is possible in 2.2!
Hi Guys,
I have recently installed the 12070 F/W on my Lumia 800 phone and last night an email was sent out to all 500 contacts that I have for no reason. There was an email attachment in the form of a web address which, when opened, brought you to a page in a magazine called Business Journal.
I am really worried this morning. I need to email all of my contacts to warn them of this. But what do I do with the phone, do I have a virus on it? If so, how did it get there and what do I need to do to remove it??
Guidance right now much appreciated.
It's nearly impossible to send something from wp7 without user interaction.
I think that your PC is a victim or someone guessed your password to e-mail account.
Chipsaru said:
It's nearly impossible to send something from wp7 without user interaction.
I think that your PC is a victim or someone guessed your password to e-mail account.
Click to expand...
Click to collapse
Thanks for your ideas on this. This all happened last night when I was not even using the phone and my lappy was switched off. The mails was sent to absloutely everyone in my WP7 phone book :-(
17-apg said:
Thanks for your ideas on this. This all happened last night when I was not even using the phone and my lappy was switched off. The mails was sent to absloutely everyone in my WP7 phone book :-(
Click to expand...
Click to collapse
I doubt that something can send emails from your WP7 without your consent. Your contacts are also saved in your Live Account accesible from your PC. It could be possible that something has logged the Password on the PC and sent to a third person. You should make sure that your PC is always equipped with the latest antivirus. Also you should Keep in mind that Windows Live offers to sent you an one time Password via sms in case you Need to sign in from un untrusted PC.
It's absolutely impossible it has something to do with the phone. My guess is that someone got your Windows Live password and sent it from there...
Change you password asap
Done today, thanks. I was so surprised. I guess if someone had the password they could have done this online in my account without me knowing. First thing I knew was 66 undeliverable notifications on my phone late late night
Sent from my Lumia 800 using Board Express
17-apg said:
The mails was sent to absloutely everyone in my WP7 phone book :-(
Click to expand...
Click to collapse
So it was also sent to every Contact in your Live Account and/or Google Account. I guess someone had access to one of those.
Yes the mail was sent to every contact in my live account. It was simply a link to a buisness journal wzine as far as I could see; not a virus but a spam message. I have changed my password to access my LIVE account in th ehope that this will end it.
17-apg said:
Yes the mail was sent to every contact in my live account. It was simply a link to a buisness journal wzine as far as I could see; not a virus but a spam message. I have changed my password to access my LIVE account in th ehope that this will end it.
Click to expand...
Click to collapse
It's your email account that got hacked. Happened to my friend too, and he has an android. It's not your phone and possibly not your laptop either. It's your live account that got hacked by spam or virus.
actually not impossible
I also think that its impossible to mail/edit through wp phone api, making it nearly impossible to make viruses in traditional terms. Also for marketplace there are are some virus scanning made of apps on submission.
However app behaviour is another thing...
Think about the following scenario:
You install a smart dialer (for example) that requires access to contacts, owner identity and data services.
Without Your consent and knowledge the app harvests and sends of information from Your device.
The sum of all is that: yes, it might be a app on Your phone that is behind the mailing as well as it might be malware on your pc.
Don't install apps from unknown developers that requires more permissions then what seems ok.
Thanks for all your replies.
Seems like it has been an attack on my windows live mail account. Have changed password and will now do so every 90 days or so as recommended by microsoft. I have also checked all apps on my phone and there are none that i can see accessing my contacts. But I will continue to check.
17-apg said:
Thanks for all your replies.
Seems like it has been an attack on my windows live mail account. Have changed password and will now do so every 90 days or so as recommended by microsoft. I have also checked all apps on my phone and there are none that i can see accessing my contacts. But I will continue to check.
Click to expand...
Click to collapse
There is no API for sending emails without the phone owner's confirmation so it is impossible. Though be careful when giving your email to websites (and apps too) as they can use it to send spam. Sending email from any address does not need a password.
I recently got sick of Google+ prompts when I log into certain google-hosted features.
I have had this account for many years, and finally change my name, and it "might be" obvious that it is not my "legal" name.
Has anyone had their account deleted that pays for google apps, and uses it on their Android(s)?
What happens to purchased app retrieval, if this is the case? Switch to Amazon with a new e-mail account, and not give google another penny to track you?
Why are you concerned about Google tracking you? Serious question.
Sent from my HTC One S using xda app-developers app
tevinwade said:
Why are you concerned about Google tracking you? Serious question.
Sent from my HTC One S using xda app-developers app
Click to expand...
Click to collapse
I am not worried about the tracking, or I would not be using a Smartphone, it's all about the monkey-wrenching and not part of the database.
(Most people don't even know how many thousands of data-points they collect every day:
http://www.youtube.com/watch?v=NObTjstI6f4 Part two is even more interesting.)
Has anyone had their account deleted that pays for google apps, and uses it on their Android(s)?
I never had news of this subject ... already tried support?
I have a plenty of friends on G+, and 90% of them is NOT using their real name.
While they got some warnings about that, all they did was changing their fake name to another fake name. I never seen any of my friends getting banned for that.
And also, I don't think that your whole account will get suspended, I think that the only thing you won't be able to access will be G+. But I am not 100% sure on that.
So I finally upgrade my LG simple 1G phone to a VZW Galaxy S4, allowed it to update to MK2, setup my gmail account (not G+ though), take care of organizing it like I want, etc. Next thing I notice, that in my gmail I start getting dangerous looking spam ("update your Amazon credit card info", "update your ###### info", and the image had a link which would've sent me to a Yemen domain. Nothing happens without a reason, and the only thing that changed was I gave the phone my gmail logon. I did not directly give account info to any of the other vendors advertised on the bloatware on this phone. I should add that prior to this I was familiar with the spam I'd get in gmail (and gmail would flag it into spam folder) and it was consistent and never made it into my inbox.
This being my first android I'd appreciate comments on your experiences with this, and anything you can share on how to better safeguard my info. I hate google, or anybody for that matter, having so much access to my credentials which I normally and successfully hold fairly close. (Yes this is my first smartphone).
I am a Malwarebytes registered user on my desktop and laptop so I downloaded their app onto my phone, but something tells me what caused this spammer to source me was over-sharing of data on google's (android's?) part.
Thanks
MessyPotamia ("because in the land between the Tigris and Euphrates, things are a MESS")
Huntsville, Alabama
I think its pretty safe to say its coincidence. My family owns about 5 Android devices and I myself have three Android devices currently in active use , two gmail account, one for my personal devices and the other for family use and so far, we have yet to get any 'weird' spam issues except for the occasional spam that promises me that I'll get bigger manhood and such. Try playing with the app settings or try another email app. I mean, if you have a gmail account all this while and google wants to sell off your personal information, they would have sold it a long time ago and not wait only now because you have a new smartphone right? Lol
Sent from my GT-N7105 using xda app-developers app
mha93 said:
I think its pretty safe to say its coincidence. <SNIP> I mean, if you have a gmail account all this while and google wants to sell off your personal information, they would have sold it a long time ago and not wait only now because you have a new smartphone right? Lol
Sent from my GT-N7105 using xda app-developers app
Click to expand...
Click to collapse
Didn't mean that I think G directly sold it off, but something enabled a spammer to target me. Have been getting this same spam about 1x / day since I shared my 10 yr old gmail acct w/ VZW/I545/MK2. Something triggered it, I don't believe in coincidences (my prior CI work, sorry!), and the only thing that changed was my new setup.
Maybe its something that you've installed? Like have you pirated any apps or downloaded any sketchy apps? Besides that, I can't think of other ways besides logging in to your gmail account, and actively mark the emails from that address as spam.
Sent from my GT-N7105 using xda app-developers app
mha93 said:
Maybe its something that you've installed? Like have you pirated any apps or downloaded any sketchy apps? Besides that, I can't think of other ways besides logging in to your gmail account, and actively mark the emails from that address as spam.
Sent from my GT-N7105 using xda app-developers app
Click to expand...
Click to collapse
Two days later from my orig post. First, I have not downloaded any suspicious apps (only 2 banking apps, and they're pretty secure), one or two others from app store (but uninstalled them when I wasn't impressed). I set up my wife's yahoo email account as another account under email; one gmail account I use often as another email account; and my regular gmail account is the main phone account. My regular gmail account gets very little spam.
Now I notice my wife is getting evidence her contacts have been harvested, as folks in her contacts (some very old contacts) are replying "Did you send this? " or rejection messages from their .gov or .mil enterprise mail server. She has had registered malwarebytes on her laptop, as do I on mine. Tomorrow I will run CCleaner and HijackThis on both hers and mine. I must say the neither of us visit suspicious places or have any poor practices regarding opening emails or attachments, and our Secunia PSI scores are usually around 98.
This has to have something to do with my new Galaxy S4 and the fact that I gave it my gmail credentials, and her yahoo credentials.
This is not a coincidence.
After googling around, I came upon several forums stating that their users are getting spam mails after logging into their gmail accounts from their 'new' smartphones. So I guess your case is not unique. In all the cases, they managed to solve the problem by changing their gmail password. So what I'm thinking is that your phone is a 'manufacturer refurbished phone' or at least one that was returned to your carrier and repackaged again and that the previous owner left a malicious code or script in the phone. So short of returning to your carrier or to Samsung, I suggest that you change your password, factory reset your phone, update the firmware before logging in to your gmail account and see if it changes anything. The best bet is to return it to Samsung or your carrier on grounds that its a 'defective device' or at least claim that something is wrong with it. Chances are, they will reflash a fresh new firmware onto your phone and would in theory solve and delete any malicious code in your phone. Or they'll replace yours with a new phone. Yeah sounds troublesome but if you want to skip Samsung and reflash a new firmware yourself, head over to the S4 forums and see the method of flashing a new stock firmware. Sorry that your new smartphone causes so much problems. Google is quite helpful when its working right.
Sent from my GT-N7105 using xda app-developers app
(Problem solved)
mha93 said:
After googling around, I came upon several forums stating that their users are getting spam mails after logging into their gmail accounts from their 'new' smartphones.<<SNIPPED for brevity>> Google is quite helpful when its working right.
Sent from my GT-N7105 using xda app-developers app
Click to expand...
Click to collapse
The source of the spam is most assuredly the YAHOO MAIL ANDROID APP (downloaded 3 days ago from App store and put on her android, not mine). After running (reg'd) malwarebytes, plus CCleaner and HijackThis (all showed nominal) I began to suspect it was on Yahoo's side, and sure enough there are plenty of recent articles about their vulnerability. Removed the app from her Moto Droid.
I particularly enjoyed reading this:
[I can't post outside links, google the search terms "even-yahoo-employees-dont-use-yahoo-mail"]
Meanwhile, everyone here I thank for participating in this thread.
Was going to download and try this app from the Google store but have issues with privacy concerns:
This app has access to these permissions:
Your accounts
read Google service configuration
find accounts on the device
use accounts on the device
Your location
approximate location (network-based)
precise location (GPS and network-based)
Your messages
read your text messages (SMS or MMS)
receive text messages (SMS)
access mail information
Network communication
full network access
view network connections
view Wi-Fi connections
Your personal information
read calendar events plus confidential information
Phone calls
directly call phone numbers
read phone status and identity
Storage
modify or delete the contents of your USB storage
Your applications information
retrieve running apps
Your social information
read your contacts
read call log
System tools
read Home settings and shortcuts
write Home settings and shortcuts
test access to protected storage
Affects battery
control vibration
Status bar
expand/collapse status bar
Wallpaper
set wallpaper
adjust your wallpaper size
Click to expand...
Click to collapse
Why does this app need to access so much of my personal information?
Yearoftherat said:
Was going to download and try this app from the Google store but have issues with privacy concerns:
Why does this app need to access so much of my personal information?
Click to expand...
Click to collapse
Hi,
As you know, Themer helps increase the user experience by providing valuable information straight onto your homescreen.
This includes:
1. Displaying how many unread emails/SMS/missed calls you have. (Your messages
read your text messages (SMS or MMS)
receive text messages (SMS)
access mail information))
2. Displaying your map coordinates on a map image. (Your location
approximate location (network-based)
precise location (GPS and network-based))
3. A built-in dialer app that can display your recent contact as well as allow you to call a number directly from your homescreen. (Phone calls
directly call phone numbers
read phone status and identity) (Your social information
read your contacts
read call log)
4. Display agenda information. (Your personal information
read calendar events plus confidential information)
As you can see, it's all for display purposes. If you look at other widgets on the Play Store that perform the same activities, they will also require these permissions. It just so happens that Themer has all of these features built into one app. Hope this helps clarify the matter.
Thanks for the clarification. Looking forward to trying out the app!
I have the same concerns, beginning with the need to login before using any themes. (The explanation given in the faq seems too lame for me). Looks like a terrific app but possibly not for those who worry about privacy. I'm personally too scared to try it.
One option to explore is using this app with xprivacy installed which allows one to restrict unneeded permissions. Maybe a firewall might help?
Anderson2 said:
I have the same concerns, beginning with the need to login before using any themes. (The explanation given in the faq seems too lame for me). Looks like a terrific app but possibly not for those who worry about privacy. I'm personally too scared to try it.
One option to explore is using this app with xprivacy installed which allows one to restrict unneeded permissions. Maybe a firewall might help?
Click to expand...
Click to collapse
Hi Anderson2,
That FAQ actually sums it up quite well. The login feature creates a security barrier for us, which even though is not the most advanced way of preventing intrusions into our theming servers, it does a good job in finding people who are trying to tamper with our systems. That and of course sending users email updates of new features if they request it.
When exactly do you need login? Just to download themes? After the download can one log out? I don't like the idea that you have access to my emails, texts, and any files your widgets access. That is what concerns me.
I don't know enough about themer because I'm afraid to use it, but I believe your zooper widget doesn't require login. (Does it?) Can you explain how they differ in the need for protection?
I have to say that I share those concerns. Why do you force users to login with their Google or Facebook accounts? I do not understand why this should be a better securitry barrier than the login data from mycolorscreen.com? I would not even give away my login data to someone I know, so why should I give away this data to someone I do not know at all???
Well said.
+1
shibadoo said:
I have to say that I share those concerns. Why do you force users to login with their Google or Facebook accounts? I do not understand why this should be a better securitry barrier than the login data from mycolorscreen.com? I would not even give away my login data to someone I know, so why should I give away this data to someone I do not know at all???
Click to expand...
Click to collapse
Yet you log in to this forum and use it.
The explanations have been given. It's to ensure you are who you say you are when you access their servers to download the themes.
As for all the other access, Themer provides a lot of different information as explained (you DID read what he posted, correct?) GPS position, weather, etc. All of this is based on location, etc, as well as if you want unread email counts, etc. It's all there in Themer given you everything all rolled into one app, rather than having to download each piece separately. If you don't like it, don't use it. Thousands upon thousands of users are using it without any issues. I definitely like to protect my privacy, but this app is the least of your worries about privacy.
There are many other problems that could result if they didn't want you to verify who you say you are. Do you want someone to hack their servers and then you download a hacked theme that could result in even more privacy issues for you?
In the end, if you don't want to use it, don't. Nobody is forcing you to use it and they have every right to protect their investments as well. There are plenty of other apps out there you can use that can provide the same type of experience. Usually, the themes are not housed in a server so you can download them from elsewhere, but unless you're getting them from Google Play, then who is to say how safe those are? Many 3rd-party app stores are NOT the safest as they do not follow Google's security policy. At least with Themer, it's in the Google Play market and has had to go through Google's scrutiny.
A few weeks ago, the app was erroneously flagged as something that could steal your information. Google came back later and stated it was an error on their part and verified that the app is safe and it will not steal your information.
I've used it for months and nothing bad has happened to me.
There are many other ways for hackers to get your PI and this is the least of your worries.
vulcanvillalta said:
As an American, and therefore afraid of everything, I personally vote to not give out so much information. But on the other hand, IF someone wanted to get all of your information, they could probably do it without your consent. I would probably stay away from it, though. Just to "try" to be safe.
Click to expand...
Click to collapse
Once Facebook introduces its anonymous login feature, our developers will implement the feature into Themer
iBolski said:
Yet you log in to this forum and use it.
Click to expand...
Click to collapse
Yes, I do use this forum, but of course I do not log in with my Google account. There would be no reason to do so - same goes for Themer. I would have no problem if Themer would ask for my login data from mycolorscreen.
iBolski said:
The explanations have been given. It's to ensure you are who you say you are when you access their servers to download the themes.
Click to expand...
Click to collapse
You think you know who I am because I enter some data that nobody ever controls? I could simply enter some Google account data I created only for Themer. But honestly, this is too much effort for me only the check if I like an app.
iBolski said:
As for all the other access, Themer provides a lot of different information as explained (you DID read what he posted, correct?) GPS position, weather, etc. All of this is based on location, etc, as well as if you want unread email counts, etc. It's all there in Themer given you everything all rolled into one app, rather than having to download each piece separately. If you don't like it, don't use it. Thousands upon thousands of users are using it without any issues. I definitely like to protect my privacy, but this app is the least of your worries about privacy.
Click to expand...
Click to collapse
What exactly has GPS and weather to do with my Google Account data? I do not share GPS data with Google, so I would not with Themer as well. And for a weather forecast I would simply type in 5 numbers - my zip code. This is exactly what I do right now.
iBolski said:
There are many other problems that could result if they didn't want you to verify who you say you are. Do you want someone to hack their servers and then you download a hacked theme that could result in even more privacy issues for you?
Click to expand...
Click to collapse
And because the people at Themer have may account data, nobody can hack their servers? So the solution to all hacked servers worldwide is so simple? Just giving them Google account data?
iBolski said:
In the end, if you don't want to use it, don't. Nobody is forcing you to use it and they have every right to protect their investments as well. There are plenty of other apps out there you can use that can provide the same type of experience. Usually, the themes are not housed in a server so you can download them from elsewhere, but unless you're getting them from Google Play, then who is to say how safe those are? Many 3rd-party app stores are NOT the safest as they do not follow Google's security policy. At least with Themer, it's in the Google Play market and has had to go through Google's scrutiny.
Click to expand...
Click to collapse
Yes, I do not use it. This is the consequence.
iBolski said:
There are many other ways for hackers to get your PI and this is the least of your worries.
Click to expand...
Click to collapse
So what should be my worries if it is not giving away voluntarily my Google account data to someone I do not know???
And you forgot something: I know at least 5 people that use their Android phones without a Google account, and they also do not use Facebook. Believe it or not: these people do really exist, and they even survive without a Google and a Facebook account.
So for me there is no credible information why the people at themer need my Google account data, and why this should protect them from being hacked. Or why my Google Account data should be safer than my mycolorscreen account data. This is why I will not use themer and would not recommend it to others.
shibadoo said:
Yes, I do use this forum, but of course I do not log in with my Google account. There would be no reason to do so - same goes for Themer. I would have no problem if Themer would ask for my login data from mycolorscreen.
You think you know who I am because I enter some data that nobody ever controls? I could simply enter some Google account data I created only for Themer. But honestly, this is too much effort for me only the check if I like an app.
What exactly has GPS and weather to do with my Google Account data? I do not share GPS data with Google, so I would not with Themer as well. And for a weather forecast I would simply type in 5 numbers - my zip code. This is exactly what I do right now.
And because the people at Themer have may account data, nobody can hack their servers? So the solution to all hacked servers worldwide is so simple? Just giving them Google account data?
Yes, I do not use it. This is the consequence.
So what should be my worries if it is not giving away voluntarily my Google account data to someone I do not know???
And you forgot something: I know at least 5 people that use their Android phones without a Google account, and they also do not use Facebook. Believe it or not: these people do really exist, and they even survive without a Google and a Facebook account.
So for me there is no credible information why the people at themer need my Google account data, and why this should protect them from being hacked. Or why my Google Account data should be safer than my mycolorscreen account data. This is why I will not use themer and would not recommend it to others.
Click to expand...
Click to collapse
You describe me exactly. I don't use my Google account to login anywhere, don't use Facebook, have phone GPS and location turned off, only enter zip code for weather, turn off sync everywhere, use a firewall, xprivacy, etc. - - and Google only thinks it has my info.
Everyone I know who is not a teenager or addicted to Facebook does the same.
vulcanvillalta said:
If you use fake names etc and are vague about your location, no, google doesnt have your name. But what about your IP address. They can tell that your pseudonym is performing functions from the specific location you are in. You might not GIVE them your name or address, but with the IP address linking you to a specific internet connection, they certainly can figure out who you are and where you are, if they want to.
Click to expand...
Click to collapse
Which is why I don't want to help other sites identify me by giving them my Google login. Not everyone has Google capabilities.
The points made in defense of keeping your personal information private (and not using your Google login for Themer) are valid and understood.
However, Themer is not designed for that type of mindset.
Themer is designed for the overall market - the vast majority if you will - not for privacy advocates.
It's simply a tool that allows the general Android user base (the FB'ers, Google +'ers, i.e. Socialites) to easily login to an app designed to make their phones look cool. Most of the functionality of the Themes are far more invasive than your Google login anyway (GPS coordinates, access to text/email notifications, call logs, etc) so I really don't see the point of wildly waving your arms around saying "privacy breach! privacy breach!"
Don't use it. Cool. I'm OK with that. I'm sure they are too. But why complain about it? What is the goal? Surely you cannot think they will redesign the app for you.
So really, you're just posting on XDA to aggravate the devs. I mean, what launcher doesn't have access to all of your info? It's like complaining that a specific model of car has a license plate that can be used to identify you. Guess what? All cars do. Take the bus bro
Anderson2 said:
Which is why I don't want to help other sites identify me by giving them my Google login. Not everyone has Google capabilities.
Click to expand...
Click to collapse
But your phone can still identify you. You are still logged into the internet via your carrier's internet and they can definitely get who you are on the phone.
You might as well just stay off the internet completely then.
And, if you're going to stay off the internet, then why have a smart phone? You're already identified out there through your carrier. If they breach your carrier account, they have all sorts of information right then and there, more so than Google would have. Think about it. Your billing address, etc.
Don't think for a minute that your carrier is completely safe. Even Verizon has had breaches.
vulcanvillalta said:
Like I said above, IF PEOPLE WANT YOUR INFORMATION, THEY CAN GET IT. There are nasty identity thieves out there that can find all of your information SOOOO easily. So easily. So whether or not you use an app or make a phonecall or whatever, you can still be traced and you can still be monitored and your information can still be acquired. I'm not trying to be a downer, but you can either accept that you are at the mercy of whoever wants to stalk you, or you can spend the rest of your life worrying and trying to protect yourself from something you literally have no control of.
IMHO, if you can use the app and it would benefit you, you might as well enjoy it.
Click to expand...
Click to collapse
Not sure why you quoted me bro, I'm on the same page you are.
IT need to display some information about your phone