OK guys I'm new here (kinda) , I searched the forum, read etc and haven't come across any of the above mentioned issue.
Now my reason for not naming the above game is because I do not want other users to go doing anything they shouldn't.
I'm not sure if this is really really serious or its just a feature I didn't read in the App (xposed/xprivacy). Anyways I'll get to the point!
I recently found out I can access another users account (on a popular game) when xposed is installed and activated.
I tried it two times and it actually works (I didn't do anything to the account but I was curious).
Now my question is, could this be a bug in the game or something? M thinking this could be a real big issue if gotten in the wrong hands.
I will report it to the devs of the game but I want to know first etc.
Sent from my SGH-T999V using XDA Premium 4 mobile app
Best thing to do is follow industry standard and practice responsible disclosure. Generally a secure, private message notifying your discovery to the developers that have made the potential mistake is the first step to take.
If they don't respond kindly and promptly explaining how they're working to resolve the issue, then it would be best to inform them that you're going to be responsible in informing the app's distributors (play store?) to have them figure out if it's a serious problem enough to disable distribution until the bug is fixed.
If after that you've still not seen any honest progress in mitigating the vulnerability, call the press, those vultures love rotting flesh for the front page.
What is Responsible Disclosure? http://forum.xda-developers.com/showthread.php?t=2338337
Thanks dude! Will do as u suggested, however I posted in their forum asking them to contact me as I'm on my phone n isn't close to a pc n it's really hard to navigate their website on the phone.
Sent from my SGH-T999V using XDA Premium 4 mobile app
Understandable. If you can, see if their team has a direct contact anywhere I their site when you have a desktop to work with. play store usually has a contact link for app Developers too. I'd like to think most software teams are at least responsible enough for reputations sake and will give their due diligence depending on severity, but I've not a clue. Someone brings me a tip like this and I'd be all ears, but some of the projects I work with deal with a bit more sensitive data (unless this app you're talking about had in app billing, which would make this much more serious. Legal implications for improper handling of consumer financial data can be quite serious unless you're on wall street.)
Well, it DOES have in-app purchase! I went ahead and checked out again, I realise it can (continually) access only one set account based on Xprivacy 's "global fake account", settings, when I go manual and change uses random settings, it does not access that said account, from further test I realise accessing another players account has to do with the email address, because when I unchecked the other features it does not work (it takes me to a new game instead) I'm not sure how the devs of Xprivacy provide or Crete the "global fake account" but it has something to do with accessing the app, if someone is really determine n decide to modify/rewrite Xprivacy I believe it can be used to access anyone's account based on If u know who actually plays that game, easiest way is to just go on play store see who comment and find some way to get their email address!
Edit: I also emailed them with pictures of the users account and how I accessed it, I didn't mentioned Xprivacy as I was uncertain if I should. Do u think I should?
Btw I still don't get any reply and that was from about 12 hours ago.
Sent from my SGH-T999V using XDA Premium 4 mobile app
wow
geminixx said:
Well, it DOES have in-app purchase! I went ahead and checked out again, I realise it can (continually) access only one set account based on Xprivacy 's "global fake account", settings, when I go manual and change uses random settings, it does not access that said account, from further test I realise accessing another players account has to do with the email address, because when I unchecked the other features it does not work (it takes me to a new game instead) I'm not sure how the devs of Xprivacy provide or Crete the "global fake account" but it has something to do with accessing the app, if someone is really determine n decide to modify/rewrite Xprivacy I believe it can be used to access anyone's account based on If u know who actually plays that game, easiest way is to just go on play store see who comment and find some way to get their email address!
Edit: I also emailed them with pictures of the users account and how I accessed it, I didn't mentioned Xprivacy as I was uncertain if I should. Do u think I should?
Btw I still don't get any reply and that was from about 12 hours ago.
Sent from my SGH-T999V using XDA Premium 4 mobile app
Click to expand...
Click to collapse
Awesome it's great to see that there is always someone to test those boundaries, as its people like myself that always take it for granted that, when someone says a game is safe we take it as "Gospel" so to speak, that it actually is.I found this thread a genuinely interesting read and I learned that not everything is as plain as the nose on my face...thanks guys!
geminixx said:
Well, it DOES have in-app purchase! I went ahead and checked out again, I realise it can (continually) access only one set account based on Xprivacy 's "global fake account", settings, when I go manual and change uses random settings, it does not access that said account, from further test I realise accessing another players account has to do with the email address, because when I unchecked the other features it does not work (it takes me to a new game instead) I'm not sure how the devs of Xprivacy provide or Crete the "global fake account" but it has something to do with accessing the app, if someone is really determine n decide to modify/rewrite Xprivacy I believe it can be used to access anyone's account based on If u know who actually plays that game, easiest way is to just go on play store see who comment and find some way to get their email address!
Edit: I also emailed them with pictures of the users account and how I accessed it, I didn't mentioned Xprivacy as I was uncertain if I should. Do u think I should?
Btw I still don't get any reply and that was from about 12 hours ago.
Sent from my SGH-T999V using XDA Premium 4 mobile app
Click to expand...
Click to collapse
Xprivacy forces your 'phone' to report bunk settings, which xPrivacy also allows you to manually set. So if this is a vulnerability in this particular app, where the app developers are relying on what they previously thought was solid and unmanipulable data from the users' phone.... then there's certainly potential for abuse, and potential for this vulnerability to be fairly widespread. It seems like an honest mistake on the part of the game developers because most situations the data that xprivacy is allowing manipulation to is in most cases static and unique per phone/user. You very well may have opened up pandora's box... Authentication to an app with purchasing power shouldn't rely solely on supposedly static strings within the android system...
Well either they don't take it seriously or they don't reach to my mail as yet cuz nobody replied to my email or my forum post, I'm thinking it's cuz I leave out the app I used to get the access, I dunno what else to do so imo just leave it... Or maybe email them one more time...
Sent from my SGH-T999V using XDA Premium 4 mobile app
Thanks flower! Always willing to help out! I do enjoy bug testing! Lol its my fave pass time!
Sent from my SGH-T999V using XDA Premium 4 mobile app
geminixx said:
Thanks dude! Will do as u suggested, however I posted in their forum asking them to contact me as I'm on my phone n isn't close to a pc n it's really hard to navigate their website on the phone.
Sent from my SGH-T999V using XDA Premium 4 mobile app
Click to expand...
Click to collapse
You are possibly violating CFAA (a felony) but continuing to access data on their servers. I would stop accessing their sevices/using the app, and alert them. If you have issues contacting them, I can act as an intermediary, most companies will respond to me.
jcase said:
You are possibly violating CFAA (a felony) but continuing to access data on their servers. I would stop accessing their sevices/using the app, and alert them. If you have issues contacting them, I can act as an intermediary, most companies will respond to me.
Click to expand...
Click to collapse
They contact me on their forum, and what would they charge me for? I didn't do it deliberately. And I wouldn't give u any information cuz I don't know u anyways.
Sent from my SGH-T999V using XDA Premium 4 mobile app
geminixx said:
They contact me on their forum, and what would they charge me for? I didn't give u any information didn't do it deliberately. And I would cuz I don't know u anyways.
Sent from my SGH-T999V using XDA Premium 4 mobile app
Click to expand...
Click to collapse
I recently found out I can access another users account (on a popular game) when xposed is installed and activated.
I tried it two times and it actually works (I didn't do anything to the account but I was curious).
Click to expand...
Click to collapse
intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains information from any protected computer
Click to expand...
Click to collapse
Source: http://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act
jcase said:
Source: http://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act
Click to expand...
Click to collapse
Thank u for your info mate but if you realise I POSTED ABOUT IT OUT OF CONCERN! I tested to see if it was INDEED what I suspected! If ur a Dev (I'm not but I know because I do alot of beta testing) I'm sure u would no ALOT of people report false positive.
And HOW would I be able to explain in details as to how I was able to access it if it was done my mistake in the first place? That's what ur normally asked to do isn't it? Hmmmm
So me checking to make sure it wasn't isn't any violation as u call it. I'm not abusing anything...
Sent from my SGH-T999V using XDA Premium 4 mobile app
geminixx said:
Thank u for your info mate but if you realise I POSTED ABOUT IT OUT OF CONCERN! I tested to see if it was INDEED what I suspected! If ur a Dev (I'm not but I know because I do alot of beta testing) I'm sure u would no ALOT of people report false positive.
And HOW would I be able to explain in details as to how I was able to access it if it was done my mistake in the first place? That's what ur normally asked to do isn't it? Hmmmm
So me checking to make sure it wasn't isn't any violation as u call it. I'm not abusing anything...
Sent from my SGH-T999V using XDA Premium 4 mobile app
Click to expand...
Click to collapse
Yes I am a developer, working in the mobile security field (hence being a moderator of this forum). Yes, it was a violation of CFAA. If the company wants to be an vindictive, they certainly could get you charged for it (unlikely). Your post was (and is) fully welcome here, and exactly what we want to see. You possibly stepped too far the first time you accessed it, you certainly stepped too far the second time. If you do this or not, I personally don't care, I was merely offering you (accurate) advice.
K
Sent from my SGH-T999V using XDA Premium 4 mobile app
Related
i have a galaxy s2 with many free and paid apps on it. i wish to transfer ownership of the phone and all applications including paid ones to a friend so that he does not have to buy all the paid apps on it again.
i would think it is possible since i paid for use of them if i wish to give up use under my name and assign use to someone else using the same phone i should be able to. i cannot find a way to do this in play store or in appbrain.
does anyone have a clue how to do this or know where to point me for instructions?
i would have better luck contacting Abraham Lincoln than i would trying to contact google.
as it is the phone will probably try to self destruct once i change the gmail account it runs under so i want to have this in place in the stores so it can verify and re-get the apps if necessary without hassle since the stores would know that he owns the phone and apps..
any help would be greatly appreciated.
Cody
I think you should try to contact Abraham Lincoln, that seems like a good plan of attack. Just Google his contact info...
Sent from my SAMSUNG-SGH-I747 using xda premium
Apex_Strider said:
I think you should try to contact Abraham Lincoln, that seems like a good plan of attack. Just Google his contact info...
Sent from my SAMSUNG-SGH-I747 using xda premium
Click to expand...
Click to collapse
LOL might be.. they seem to think of everything i cannot believe they didn't think of this. transfer of equipment and associated 'licenses' is very common.
Titanium Backup
Sent from my CM10 KF w/ Tapatalk
sweeds said:
Titanium Backup
Sent from my CM10 KF w/ Tapatalk
Click to expand...
Click to collapse
i admit i am not familiar with titanium backup. outside of restoring any odd apps onto the phone so they run again, would that list the paid apps withi play store so when he gets an update to an app they wont try to charge him again? i want his apps account to totally recognize the s2 and all apps as 'his' without question so they will not try to charge him for them. i will have no rights at all to those apps on that phone. i have a galaxy note that i had to pay for all the apps again for it which is as it shoudl be.. it is a different phone...
i want to hand him the phone set up for his account such that when he goes to do anything with play store or appbrain they will recognize the phone and all apps on it free and paid, as his.
It is not possible to transfer apps from one user to another. It isn't even possible to transfer them to a different Google account that you use.
Read the Google terms and conditions and you'll see this on there - nothing you can do about it.
Sent from the darkest corners of my mind.
SimonTS said:
It is not possible to transfer apps from one user to another. It isn't even possible to transfer them to a different Google account that you use.
Read the Google terms and conditions and you'll see this on there - nothing you can do about it.
Sent from the darkest corners of my mind.
Click to expand...
Click to collapse
thank you. no i have not read their drivel. so then they on one hand scream freedom from being locked to a specific provider, and turn around and lock the phone in a far more sadistic and restrictive way. what we need is a company who believes in total freedom and implements such. they are no better than apple then..
wonderful.
i do not find a 'resolved/close' thread button so i will consider this thread closed.
Only one solution
gndmstr said:
thank you. no i have not read their drivel. so then they on one hand scream freedom from being locked to a specific provider, and turn around and lock the phone in a far more sadistic and restrictive way. what we need is a company who believes in total freedom and implements such. they are no better than apple then..
wonderful.
i do not find a 'resolved/close' thread button so i will consider this thread closed.
Click to expand...
Click to collapse
The only one solution is to put your gmail account on the phone of your friend. But of course he will have an access to all your mails etc, so I don't think it is a good solution !
HappyDr0id said:
The only one solution is to put your gmail account on the phone of your friend. But of course he will have an access to all your mails etc, so I don't think it is a good solution !
Click to expand...
Click to collapse
no. i did that once a few years ago for someone i trusted. that person abused the trust and bought all kinds of expensive apps and used my gmail email account as their own. i had to close everything out and start fresh so i will never do that again.
there is no earthly reason why a phone and all its installed apps cannot be moved from one account to another except google's apparent need for control or laziness in coding the proper routines.
gndmstr said:
thank you. no i have not read their drivel. so then they on one hand scream freedom from being locked to a specific provider, and turn around and lock the phone in a far more sadistic and restrictive way. what we need is a company who believes in total freedom and implements such. they are no better than apple then..
wonderful.
i do not find a 'resolved/close' thread button so i will consider this thread closed.
Click to expand...
Click to collapse
They may well use an Open-Source software for their devices, which is a fantastic thing, but they are a business and exist to make money. You don't 'own' the apps when you buy them - you are just getting the right to use them. Anything beyond that would be considered on-selling, even if you are making no money from it. Do you think that Apple would let you transfer apps to a different account? Or Microsoft for that matter?
SimonTS said:
They may well use an Open-Source software for their devices, which is a fantastic thing, but they are a business and exist to make money. You don't 'own' the apps when you buy them - you are just getting the right to use them. Anything beyond that would be considered on-selling, even if you are making no money from it. Do you think that Apple would let you transfer apps to a different account? Or Microsoft for that matter?
Click to expand...
Click to collapse
when you pay for an app you pay for a license to use that app. there is no reason why you cannot transfer that license to another person as long as you give up all rights to use that license yourself. i have done this with many microsoft applications and they support it. or at least they did as of the beginnings of xp. i would give the original disks to the person, remove the application from my machine and then i called msoft and advised them of the license transfer. they took the info and were happy. apple simply is not a contender in this situation. they are all about control. even moreso than microsoft and i would never have believed i just said that. dont get me wrong they make some incredible hardware and systems, i just totally am at odds with their business philosophies.
So I have this person every app I post to the android play store he comments negitive and gives it one star. Is there a way to get a person banned from my apps ?
Sent from my HTC_Amaze_4G using xda app-developers app
If your app is in the google play store, then it sounds like that person is breaking the Comment Posting Policy.
Don't post fake reviews intended to boost or lower ratings.
Click to expand...
Click to collapse
I'd report him - instructions for doing so are also in the aforementioned link.
The link to report potential violations is down:
We're sorry, but the information you've requested cannot be found. Please try searching or browsing the Help Center.
Click to expand...
Click to collapse
post-mortem said:
The link to report potential violations is down:
Click to expand...
Click to collapse
Yea I just saw that they need to have a report page for this this person has hit every single app that I have.
What are some of your apps? If they're good, I'm sure some generous people could counteract one spammer pretty quickly.
Sent from my M886 using Tapatalk 2
been fighting with another dev that for the second time has gotten my account banned..... The dev name is qualityapps.org he sends google fake dcma reports like today 3 apps got yanked back to back then banned I submitted a appeal with proof to google and didn't get over turned. So pissed and fed up with google not having customer support number for devs.
Sent from my HTC_Amaze_4G using xda app-developers app
You might want to consider hiring a lawyer, though I know that's never an exciting option. Proof is proof, though, and if Google gets a letter from a laywer, their legal team will have to get involved.
wow. does the Play Store have problems with this generally? I would have hoped android devs would get along better. I want to publish an app so I'll keep my eyes open if it happens to me.
AaronBronander said:
wow. does the Play Store have problems with this generally? I would have hoped android devs would get along better. I want to publish an app so I'll keep my eyes open if it happens to me.
Click to expand...
Click to collapse
Basically if a dev has a app like call of duty (we know how many of those are out) and you are at the top of the chart they will submit a DCMA report and get it removed off the market or get you banned so there app gets more downloads. This will be my third time signing up to google.
Call me paranoid but I recently gave a dev a bad review of his software from playstore which got me thinking that if he wanted to, since devs some times communicate with reviewer without having given them your email, he could create an update that would target my phone based on my email. Assuming my email is used on my phone.
Is it possible?
My understanding is that apps require your permissions to do anything that could be considered a safety hazard, like accessing your contact list or full internet access. Check what permissions have changed for the update before you install. Of course there is always the possibility of subversive code within any program.... I haven't heard of any problems like that yet.....
Sent from my PC36100 using xda app-developers app
i doubt this, but anything is possible I'm sure with enought effort and hackery.
---------- Post added at 03:21 PM ---------- Previous post was at 03:09 PM ----------
i doubt this, but anything is possible I'm sure with enought effort and hackery.
Sending you an email? I don't think that can bypass GMail's alerts and receive the apk in the background.
Although there are other ways of performing unethical activities.
Go see the app's data usage. If it's not an app that needs Internet so much than the data usage must be very low. But if the data usage goes very high and u donno how then that could be something fishy.
That can also be actual normal usage. You have to reason it right.
Sent from my GT-I9103 using xda app-developers app
lmali92 said:
Sending you an email? I don't think that can bypass GMail's alerts and receive the apk in the background.
Although there are other ways of performing unethical activities.
Go see the app's data usage. If it's not an app that needs Internet so much than the data usage must be very low. But if the data usage goes very high and u donno how then that could be something fishy.
That can also be actual normal usage. You have to reason it right.
Sent from my GT-I9103 using xda app-developers app
Click to expand...
Click to collapse
What I mean by "email" is I've written reviews in the past, I then get an email to my gmail account that is the same gmail id on my phone that I also use for playstore. The email from the dev I just addresses my review. This has happened more than once. So that tells me that when you review an app the dev some how gets your email.
So, I'm thinking I write a bad review, dev gets pissed, pissed enough to create an update to the software that targets any user that has a specified "email" on the device. The update says "bug fixes" but along with bug fixes he targets any device that has the target email.
I have no idea if this is possible but I don't see why not if he knows my email and can get the software on my phone with an update.
Again, I know it's a little paranoid, I'm just wondering if it's possible, theoretticly.
DomoDom said:
What I mean by "email" is I've written reviews in the past, I then get an email to my gmail account that is the same gmail id on my phone that I also use for playstore. The email from the dev I just addresses my review. This has happened more than once. So that tells me that when you review an app the dev some how gets your email.
So, I'm thinking I write a bad review, dev gets pissed, pissed enough to create an update to the software that targets any user that has a specified "email" on the device. The update says "bug fixes" but along with bug fixes he targets any device that has the target email.
I have no idea if this is possible but I don't see why not if he knows my email and can get the software on my phone with an update.
Again, I know it's a little paranoid, I'm just wondering if it's possible, theoretticly.
Click to expand...
Click to collapse
I really doubt this would happen, Developers cant get your email from leaving a review, at least not from the developer panel.. there are many times I would have loved to email and help people that just cant be bothered to email me for support so leave a 1 star rating.
If the app was paid for then they could get your email through google checkout by looking for your transaction.
<rant>As a developer I hate not being able to reply to ratings and reviews, nearly all the 1 star and 2 star reviews of my apps are stupid things that are easy to fix but the reviewer is far to lazy to ask for help. And alot seem to think you can reply to reviews, I get alot that say they need help but not leave any way to contact them </rant>
Sent from my MB860 using XDA Premium HD app
zacthespack said:
I really doubt this would happen, Developers cant get your email from leaving a review, at least not from the developer panel.. there are many times I would have loved to email and help people that just cant be bothered to email me for support so leave a 1 star rating.
If the app was paid for then they could get your email through google checkout by looking for your transaction.
<rant>As a developer I hate not being able to reply to ratings and reviews, nearly all the 1 star and 2 star reviews of my apps are stupid things that are easy to fix but the reviewer is far to lazy to ask for help. And alot seem to think you can reply to reviews, I get alot that say they need help but not leave any way to contact them </rant>
Sent from my MB860 using XDA Premium HD app
Click to expand...
Click to collapse
Well I can assure I've been contacted after posting a review. Also recently the devs have post responses to reviews that appear right below the review. Also they are purchased apps most of the time.
You do bring up a good point. Its not entirely fair to post a review without contact the dev first. In my case it was an issue about the hidden costs once you buy an app.
DomoDom said:
Well I can assure I've been contacted after posting a review. Also recently the devs have post responses to reviews that appear right below the review. Also they are purchased apps most of the time.
You do bring up a good point. Its not entirely fair to post a review without contact the dev first. In my case it was an issue about the hidden costs once you buy an app.
Click to expand...
Click to collapse
Yes they are rolling out the ability to directly reply but its only for the 'top' devs at the moment.
If they are paid its likely they found your transaction and contacted you.
Yes i think more people need to stop and email the dev (we infact offer every level of support going. Live chat/forum/email and yrt it still happens) often the issue is fixable and a mistake by the dev.
However that of cause isnt always the case
Sent from my GT-N7000 using xda premium
Just write another review telling him to **** off
Sent from my HTC One X using xda app-developers app
The main question is, if you gave him a bad enough review that will make him want to revenge, why do you still have his app on your device ?
Sent from my GT-N7100 using xda app-developers app
CreepyDroid said:
The main question is, if you gave him a bad enough review that will make him want to revenge, why do you still have his app on your device ?
Sent from my GT-N7100 using xda app-developers app
Click to expand...
Click to collapse
I think the main question is in fact what I asked, is it possible for a dev to write code that can target a phone that uses a specific email and does nothing to any other phone. Common sense tells me it would be possible, zero coding sense tells me to ask, I just wanted to hear from someone with more knowledge than me if it can be done.
I don't actually "know" that he would do anything and maybe he would just blow it off as he received several similar reviews to mine. Again, it got me thinking as to whether it could be done. That's all.
DomoDom said:
I think the main question is in fact what I asked, is it possible for a dev to write code that can target a phone that uses a specific email and does nothing to any other phone. Common sense tells me it would be possible, zero coding sense tells me to ask, I just wanted to hear from someone with more knowledge than me if it can be done.
I don't actually "know" that he would do anything and maybe he would just blow it off as he received several similar reviews to mine. Again, it got me thinking as to whether it could be done. That's all.
Click to expand...
Click to collapse
Can it be done? Yes. Is it easy, practical or ethical? Not in the least. It would rely on many factors that I will not get into. But it can be done. I wouldn't worry to much about a developer doing it. They would lose too much if it was found. Developers get bad reviews all the time.
Sent from Arkham
Thanks
Good point.
Sent from my GT-I8150 using xda premium
I am not a developer, while I seem to have more knowledge than the daily user, I do not have the knowledge base to attempt the project that I am curious about. I work for a local tow company as AAA tow truck driver. AAA has provided all its contract stations with an android device that runs an app that is basically a native interface for a web based portal for dispatching the calls. To make a long story short if I were to log into the web interface from my E4GT I can view the dispatched calls ok and the office seems to be able to track me ok, but the native app on the AAA device seems to be able to update statuses while the web interface doesn't seem to actually send the information. I got a hold of the native app apk file and it installed ok, however it asks for a user name that the web interface does not ask for. I assume that this is to prevent people (like me ) from installing on devices that weren't approved by AAA. I was wondering if perhaps there was a way to modify the program to skip this step and allow me to move right in to the log in. If anyone can point me in the direction of someone who may be able to undertake this project for me, I know several people who would rather use their own devices than the AAA device which we are held financially responsible for if it ever is broken or lost. If I were able to run it on my device I could toss their device in a drawer where it will stay safe until I need to return it. Please help. I included the .apk file if anyone is interested in giving this a go.
The likelihood is that modifying this original app in any way works break the law.
AAA obviously paid for the app to be developed and they will own the rights to it.
I suspect that your request breaks the rules of XDA.
The app was downloaded fire free with no copyright permissions agreed to at this location. (I tried to post a link but I guess in too new, I have it tho if you need evidence] therefore I would assume no laws were broken. That web page is the web based program and allows you to download the app without agreeing to anything.
Sent from my SPH-D710 using xda app-developers app
Mark1537 said:
The app was downloaded fire free with no copyright permissions agreed to at this location. (I tried to post a link but I guess in too new, I have it tho if you need evidence] therefore I would assume no laws were broken. That web page is the web based program and allows you to download the app without agreeing to anything.p
Click to expand...
Click to collapse
You can post a link by sticking it in as clear text, with no 'http://' if you really need to.
Just because you are able to download it for free doesn't mean there are no inherent copyright and licences - you will often find them as part of the installation procedure.
OK here's the link. d3me.ersace.com/d3me/htmls/index.jsp
The AAA servers have been having issues over the last couple days so the website seems to be down right now. It actually has been making with really tough because all or calls are being dispatched late and customers aren't happy. But there were no permissions on the installation either. It installed fast and asked for a user ID that I'm assuming belongs to someone in their tech dept. That's all.
After that it should go straight to the contract station and driver log in.
Sent from my SPH-D710 using xda app-developers app
The website is up again. Feel free to check it out. I've been trying to get a hold of someone from AAA to talk about getting me a log on, but I have no response. I can't see how they could object to me using software that they want me to use. I just don't want to risk the device that they are holding me responsible for. Aside from the fact that I don't want to carry multiple devices around. I don't want to break any laws, but there doesn't seen to be any restrictions on this particular app.
Sent from my SPH-D710 using xda app-developers app
Mark1537 said:
The website is up again. Feel free to check it out. I've been trying to get a hold of someone from AAA to talk about getting me a log on, but I have no response. I can't see how they could object to me using software that they want me to use. I just don't want to risk the device that they are holding me responsible for. Aside from the fact that I don't want to carry multiple devices around. I don't want to break any laws, but there doesn't seen to be any restrictions on this particular app.
Click to expand...
Click to collapse
The website seems to be back down again, at least as far as I can tell.
I just checked it this moment. And it's up.
Sent from my SPH-D710 using xda app-developers app
Mark1537 said:
I just checked it this moment. And it's up.
Click to expand...
Click to collapse
Yeah, just discovered that it's an https:// not an http:// link
By pressing ACCEPT, you agree not to use this application while operating a motor vehicle, and agree to the other limitations with respect to the use of this application as described in the accompanying materials.
Click to expand...
Click to collapse
That would be implicit to the software as well, so I would assume that the 'accompanying materials' probably includes their restrictions of use.
Regardless, I can't see you getting anywhere without the username and password. I reckon that social engineering is likely to be more successful than hacking the app, but I may be proved wrong.
I'm finally getting some response from AAA, it was a handbook given during the training for the software. I have read through it and an struggling to find anything regarding the licensing or copyright infringement. I don't deny the ethical gray area that I am standing in, I am just trying to make my working life easier. If I can accomplish the task through the proper means by acquiring a log in of my own I will do that, I was just wondering if the same results could be achieved through alternative means.
Sent from my SPH-D710 using xda app-developers app
Mark1537 said:
I'm finally getting some response from AAA, it was a handbook given during the training for the software. I have read through it and an struggling to find anything regarding the licensing or copyright infringement. I don't deny the ethical gray area that I am standing in, I am just trying to make my working life easier. If I can accomplish the task through the proper means by acquiring a log in of my own I will do that, I was just wondering if the same results could be achieved through alternative means.
Sent from my SPH-D710 using xda app-developers app
Click to expand...
Click to collapse
Hi I know this is a little old but my station just up graded to the tablets also so I am in the same boat now and was wondering if you where able to get any further with this
nope
bearclaw001 said:
Hi I know this is a little old but my station just up graded to the tablets also so I am in the same boat now and was wondering if you where able to get any further with this
Click to expand...
Click to collapse
Noboy was willing to help either here or at AAA, however; if you are a reliable driver that doesn't need to be tracked everywhere that you go, justmake sure that your dispatch tells you when they send you a call and the web link will work. It will even track you if you leave it runnng. But there is no alert sound. So if dispatch just sends calls and doesn't tell you, its no good. Luckily I have been able to just deal with it for now. I'm extra careful with their device, and hopefully nothing will happen. But the tablets...... that sems pricey.
Mark1537 said:
Noboy was willing to help either here or at AAA, however; if you are a reliable driver that doesn't need to be tracked everywhere that you go, justmake sure that your dispatch tells you when they send you a call and the web link will work. It will even track you if you leave it runnng. But there is no alert sound. So if dispatch just sends calls and doesn't tell you, its no good. Luckily I have been able to just deal with it for now. I'm extra careful with their device, and hopefully nothing will happen. But the tablets...... that sems pricey.
Click to expand...
Click to collapse
To say "Noboy was willing to help either here or..." is rather unfair. Nobody here would have any benefit from modifying the application to do what you wished, even if they did want to get involved in the legal gray area, and you can't exactly expect a developer to simply spend hours or days taking an app apart in the hope of modifying it when there is no real reason for them to do so.
Your best bet always was, and still is, to go back to AAA and ask them. If enough of the drivers start doing so they may consider allowing installation on a different device - although they may demand the device by sent to them first for the installation so they can pre-enter the required log-on information.
not an insult.
SimonTS said:
To say "Noboy was willing to help either here or..." is rather unfair. Nobody here would have any benefit from modifying the application to do what you wished, even if they did want to get involved in the legal gray area, and you can't exactly expect a developer to simply spend hours or days taking an app apart in the hope of modifying it when there is no real reason for them to do so.
Your best bet always was, and still is, to go back to AAA and ask them. If enough of the drivers start doing so they may consider allowing installation on a different device - although they may demand the device by sent to them first for the installation so they can pre-enter the required log-on information.
Click to expand...
Click to collapse
My post was not meant as an insult, just a statement of fact. I always aknowledged the legal gray area, and more than understand why nobody would get involved. I guess I was hoping somebody might point me in the right direc,tion to accomplish the task on my own. I have since given up the task as I have stated already, and continue to utilize the various recources this site provides. I'm sorry you were offended, but once agan, it was not an insult. Have a nice day.
simple
Guys i know this is kinda a dead post but AAA locks the tablet to go to the one website only.. that is when you click on the "app" on the tablet, it is just opening the web page. its your shop number, password, truck id and user id.. no install needed.
If you install this on your own device (only some clubs allow "bring your own device") you need to enter the location url for your particular club usually http://spp.aaa.com/d3me*** where the *'s are your club number. Then you have to have an application username which is simply a password that gives you access rights to install the application. You will never see this on a club owned device like a cell phone or tablet provided by the club you are contracted for because it is preinstalled. So as "simple" as stated that is all you need on a club device but if you are trying to install on your device (which likely runs much faster and better anyway) then you need a club that allows BYOD to get the application installer password. (And no I wont post the installer password!)
I was wondering if Google was like spying on me on my phone. I have the Google apps that came with my phone (that I don't use) I wanted to know if they could track me with those apps and spy on me and if I should get rid of them. All answers are appropriated thanks!
Sent from my LG-D800 using XDA Free mobile app
maxster95 said:
I was wondering if Google was like spying on me on my phone. I have the Google apps that came with my phone (that I don't use) I wanted to know if they could track me with those apps and spy on me and if I should get rid of them. All answers are appropriated thanks!
Sent from my LG-D800 using XDA Free mobile app
Click to expand...
Click to collapse
Google collects user information everywhere, your phone is not excluded.
maxster95 said:
I was wondering if Google was like spying on me on my phone. I have the Google apps that came with my phone (that I don't use) I wanted to know if they could track me with those apps and spy on me and if I should get rid of them. All answers are appropriated thanks!
Sent from my LG-D800 using XDA Free mobile app
Click to expand...
Click to collapse
like FoodAlmighty said they do collect information, i dont think they can see your texts and phone logs, they are able to read your mail on gmail as well. if google were to want to spy on you, what would they do to you? what would they ever want with everyone's information?
Google's motto "Don't be evil".
But can I prevent any of that by uninstalling Google apps well I know I can't full prevent it but can I do anything to lesson the chances? I'm not doing anything I don't want anyone to see but it's just privacy invasion you know?
Sent from my LG-D800 using XDA Free mobile app
maxster95 said:
But can I prevent any of that by uninstalling Google apps well I know I can't full prevent it but can I do anything to lesson the chances? I'm not doing anything I don't want anyone to see but it's just privacy invasion you know?
Sent from my LG-D800 using XDA Free mobile app
Click to expand...
Click to collapse
No, you can't prevent it. If they want to, they can collect any data they want from your phone.
The only way to keep your privacy is not using any device that can be connected to the internet.
Sent using Tapatalk
Alright thanks
Sent from my LG-D800 using XDA Free mobile app
maxster95 said:
Alright thanks
Sent from my LG-D800 using XDA Free mobile app
Click to expand...
Click to collapse
if there is one, you could probably get a new OS on the device, like firefox OS or ubuntu, but really its nothing to worry about, im sure if google where to do something nasty it would be in the future when they own almost everything xD
Lol true true
Sent from my LG-D800 using XDA Free mobile app
Google spies
Google "spies" on everyone who uses any Google service, and likely any Google product; that's exactly their business model. They sell ad targeting based on your Internet behavior, and a big part of their marketing advantage is that they own a lot of different sites that coordinate their records of your behavior.
The real question is how much to trust them to anonymize things, assuming that the information they gather and collate about you---your likely demographic properties (age, race, sex, occupation, geograhic region of residence, sexual orientation, political leanings, health issues, etc.)---is not in some way passed on to advertisers---or implicitly to people who monitor what ads you're served, without Google having to cooperate.
Don't expect actual privacy on the Internet. Assume that there are data miners out there who notice what ads you are served, and what that indirectly reveals about you, even if Google is not just handing over explicit information about you to the US government in response to secret FISA court orders. Assume that spies know more about you than your spouse does---who you've called at what hours, who you've chatted with, what you've discussed, etc.
Never answer a question on the Internet truthfully, or consistently. "Polls" on websites are mainly a way of targeting you, and selling information about you to advertisers, or to anyone who'll pay for that information, e.g., spy agencies. If you're a conservative, answer liberally half the time, and vice versa. Don't give your real age, or give your real sex more than half the time. Make them work for information about you, and make sure their data sets are full of noise.
Of course, if you do these things---e.g., being inconsistent in answers about your age and sex---that will set off alarms and draw scrutiny.
Welcome to the Kafkaesque 21st century.