I'm posting this here because the LauncherPro forum is dead.
So I'm wondering, is LauncherPro Dead? The developer discontinued it? Can anybody give me some insight to why things are the way they are.
I'm new to the whole launcher scene, so I dont know the developer, i dont know the history of the site. At the moment im a customer whos paid, and got nothing but a failure of a site.
I bought pro few days ago, Direct Debit no eCheck nonsense, so payment is instant, (i buy a bunch of stuff direct debit and all come back instant). I received the unlock code email but the code didnt work, figured they'd be a delay.
Tried later, still not working...
Tried going to main website (launcherpro.com) and I get an error.
Access to the web page was denied.
HTTP Error 403 (Forbidden): The server refused to fulfill the request.
Click to expand...
Click to collapse
Tried going to the forums (launcherpro.com/forum/)
Access to the web page was denied.
HTTP Error 403 (Forbidden): The server refused to fulfill the request.
Click to expand...
Click to collapse
Tried going to the support (support.launcherpro.com)
Forbidden
You don't have permission to access / on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request..
Click to expand...
Click to collapse
...
So anyway figured they were having issues. Come back days later, Key still not working. Websites still not working, I had to proxy through just to post. Assuming outside US connections are being rejected for specific location requests.
I go to the request page, put in my email and get the lovely:
Sorry, we couldn't find that email address in the database. Please make sure you entered it correctly and try again.
Click to expand...
Click to collapse
How is this even flipping possible lol I get an email saying thank you! Here is your paypal email, here is your code, then later its like "oh no idk who you are!".
Email Fede, no reply, emailed again, replied saying go to the support forum. I would if I could flipping access it. So proxied through to support forum, posted a message, get an email confirming post: "Your support ticket ID is xxxx....", I click the link and hilariously get:
Error:
Ticket not found! Please make sure you have entered the correct tracking ID!
Click to expand...
Click to collapse
Why is the launcherpro system so messed up? Should I consider this a dead project and move on, loyalty is out the window.
I post here because this site is lively and hopefully I might get some clue as to what is going on, the launcher pro forums are like a wasteland.
What the hell you talking about man? check again works fine it maybe in your end.
No issues here accessing the site. I'm outwith the US.
If you can't access his site, how do you expect the code to be accepted? It contacts the server, so something is wrong between you and his server. But his box is fine and online.
Resolved The problem lied with DNS usage on ISP's in my area (Talktalk, Sky) which were not refreshing the new site but loading the old server, which was causing me to come up with the above post as the old server has not been used for 2 weeks, but is still accessible and not yet redirected. (Which it should be to prevent these sorts of issues) After changing to Google DNS I was able to get onto the site without the need of proxies.
I'd be happy for this thread to be locked.
Seems that HTC is finally acknowledging Peep's vulnerabilities and while not publicly releasing an update, they will send it out to people who request it...
http://blog.taddong.com/2011/02/vulnerability-in-htc-peep-twitter.html
It's about time they got a fix out for it!
By the way, the Tweet for @xdadevelopers went out saying this was for Android users, instead of Windows Mobile users.
We have published an article regarding this situation on our Portal
http://www.xda-developers.com/android/htc-peep-vulnerability-update/
How did you find the vulnerability, is there a packet analyzing tool for android?
No luck
I just received a response from HTC saying they have no idea what I'm talking about. I just sent them back a response with the linked article. Hopefully someone can get the update from them and post it here so we don't have to deal with them at all.
So is this Windows mobile only, or Android too?
Sent from my HTC Desire using XDA App
Lothaen said:
So is this Windows mobile only, or Android too?
Sent from my HTC Desire using XDA App
Click to expand...
Click to collapse
I don't think Android uses Peep in its interface for Sense. I'm not 100% positive on that, but I know we've had an issue with this for WM for about five or six months now.
In trying to get a hold of this update, here are my responses from HTC so far for anyone interested.
Me said:
I just heard about the update to HTC Peep for Windows mobile users. I have an AT&T Tilt2 with Sense loaded on it. I was hoping you guys could send me the Peep update so I could use that tab again without worrying.
Click to expand...
Click to collapse
Kathleen said:
I understand how important it is for you to be able to update your Peep application. Unfortunately, we are not aware of an update for the Peep application. I have looked for the update and it is nowhere to be found. You will need to keep an eye on http://www.htc.com/us/support/tilt-2-att/downloads/ for updates for your device.
Click to expand...
Click to collapse
Me said:
I read about the security flaw in the HTC Peep tab back in August and never used it because of this. The Peep application discloses the username and password via a HTTP OAuth-related request during the initial sign in to anyone eavesdropping on the connection. It also exposes the username and password after the connection is established by having all of the requests from the mobile device to the Twitter service use a HTTP Basic authentication header even though the app is supposed to be using OAuth. For more information, please refer to this article: http://blog.taddong.com/2011/02/vulnerability-in-htc-peep-twitter.html
Click to expand...
Click to collapse
Lindsay said:
We have not made an official update, any updates found on 3rd Party websites are up to you to do the research and download yourself. Just know these updates are considered rooting on your Tilt 2, so make sure before you update you do the research.
Click to expand...
Click to collapse
Me said:
Then when will the update be made public? It is kind of a pain that I've waited for six months now to use a feature of this device because of a security issue. Also, how would this be considered rooting since I'm not using an Android device? Windows Mobile users have administrator-like privileges by default in this operating system. There is no such thing as rooting on a Windows Mobile device.
Click to expand...
Click to collapse
Lindsay said:
If you re-write the ROM it is considered rooting. If you can add any applications to the SD Card and install it to the device, that is not rooting. We do not have any information on any updates available for your device at this time. I apologize that we do not have any updates for HTC Peep.
Click to expand...
Click to collapse
Me said:
I don't mean to sound insulting, but rooting is not the same as flashing a custom ROM. Rooting is gaining root-level administrator privileges on a Linux based operating system. Windows Mobile provides this access to the user by default. There is no other setting for this. Android, being a Linux based distro, does not come with root privileges installed to protect itself from users inadvertently messing around with things they shouldn't. It is the same thing on desktop operating systems like Ubuntu, Fedora, and the like. Rooting is completely different from flashing a custom ROM, as you are suggesting. Either way, an updated Sense tab using HTTPS, as it originally should have done, would be as simple as installing a *.cab file. My question, then, becomes to whom should I address this issue to get further support should I decide to call about it with the information I have?
Click to expand...
Click to collapse
Lindsay said:
The fact is we do not have an update for your device at this time. I apologize for this, but at this time we do not have any updates.
Click to expand...
Click to collapse
Me said:
Yes, you mentioned that. I asked whom I should voice my concerns with since this is the case. I understand that you don't have any information to offer me. I wasn't questioning that. I would simply like to know where I should go from here as there has been a serious security flaw in this device for quite some time. I do not mean to insult you, if I have done so, and apologize if I have, but I want this matter resolved once and for all. Obviously, the users are not allowed to modify the HTC Sense code or this would have been resolved some time ago. If some users were allowed the Peep source code, this could be rectified very quickly with the SenseSDK, but as that isn't an option, I, and several others, look to HTC to provide support for their product and software. If it is simply a problem of my device becoming outdated, then the HTC HD2 (Leo_512, Leo_1024) has the same problem on the latest ROM image as well.
Click to expand...
Click to collapse
Lindsay said:
I have sent the forum you sent me to the appropriate department for review. If you would like to troublahoot you device I would be glad to further assist you, but at this time this email will need to be closed if there is no troubleshooting to be done on your device. Again, I have sent the forum to the appropriate department.
THREAD CLOSED
Click to expand...
Click to collapse
It doesn't look like HTC is playing ball here. I'm going to continue to try to figure this out as I would love to actually be able to use the Twitter tab for a change. I never really used it because of the security flaw that was found.
i contected taddong and they told me
yeah they told me they had no idea what i was talking about....i contacted "tadong" and they told me to sedn the link from there site regarding the issue to HTC and he would handle them if they wanted more info on it...i guess we'll see what happens
It doesn't look like HTC is playing ball here. I'm going to continue to try to figure this out as I would love to actually be able to use the Twitter tab for a change. I never really used it because of the security flaw that was found.[/QUOTE]
Uh... "If you can add any applications to the SD Card and install it to the device, that is not rooting."
Under that logic, if unrevoked forever ever releases a .apk to turn S-OFF, does that imply that merely doing that to get root access isn't rooting?
edit: this is what happens when companies aren't smart enough to release some kind of auto-app updater, separate from OTA updates. Stuff like this takes an eternity. How hard is it to add an "s" to the http of the authentication? (for that matter, why the hell is Twitter letting you log in this way in the first place?)
lol, first thing i thought of when i saw this posts title...
http://my.starstream.net/neobigd/htc_peep.jpg
HTC finally release the Peep security update for the Rhodium, Topaz, Leo, and Photon. I've attached the files to this post, but they can also be had at HTC's website at the link below.
HTC Peep security update
EDIT: These updates do not work with custom ROMs, it seems. The *.exe needs to be copied to your device and run from there. I'm working on extracting them and making proper *.cabs now.
Peep Update *.cabs
EDIT: DO NOT PM ME ABOUT THIS FIX. IT DOES NOT WORK.
Please do not PM me about this security fix. It has nothing to do with the current Twitter outage as of the beginning of May 2011.
After pulling them apart and recompiling them, with the help of JVH3, here are the HTC Peep Update *.cabs. These are for Windows Mobile users with version 6.5 or higher. It should work, in theory with version 6.1, but I didn't feel like testing it out. Obviously, you'll need Sense 2.5 as well. There are four versions, but they all seem to be exactly the same. I didn't notice any differences other than the dates they were packaged. The Rhodium version seemed to have a slightly smaller TwitterApp.exe file, but I still don't think it was different.
Disclaimer: I take no responsibility for anything you do to your devices. These are posted for informational purposes. If you choose to install the application update, then any side effects (of which there should not be) are on you.
Changes
This update changes the way the Twitter Tab (HTC Peep) authenticates your user account. Before this update, your account information is sent via unencrypted http headers upon login which reveal both the username and password to anyone who happens to be eavesdropping on the connection, whether it is by cellular data or wifi as seen below.
Code:
authenticity_token=c8b5abaf53f223e827d9258ddfef4285a816db5f&
oauth_token=I4FK956n1foaHjayLKXJT2IaBpsmoo0amKyPhebc&
session%5B[B]username_or_email%5D=USERNAME&session%5Bpassword%5D=PASSWORD[/B]
Also, when sending tweets or receiving them, their is a continuous authenticate request sent which exposes the username and password again as illustrated below.
Code:
GET /statuses/friends_timeline.json?count=50&page=1 HTTP/1.1
Accept: text/xml, application/xml;q=0.9, */*;q=0
[B]Authorization: Basic BASE64("USERNAME:PASSWORD")[/B]
User-Agent: TwitterEngine
Host: twitter.com
I haven't been able to confirm the status of the current update yet with traffic monitoring, but according to HTC, this update sets the Peep application to use OAuth to establish a connection with https to encrypt the username and password instead of leaving it exposed for all the world to see.
EDIT: This is not a 100% fix. It seems that while the initial session is now being sent over https using TCP port 443 (sending against the api.twitter.com domain), during the rest of the session, Peep switches back to HTTP basic. This still leaves the whole session after the initial login vulnerable to hijacking based on the Twitter's session ID through cookies. I suggest using a different Twitter client, as neither HTC nor Twitter care for our aging devices.
EDIT: DO NOT PM ME ABOUT THIS FIX. IT DOES NOT WORK.
i dont like to install os on sd card
squaloforte said:
i dont like to install os on sd card
Click to expand...
Click to collapse
What relevance does your post have to anything related to this thread?
Nothing about this thread has anything to do with installling an os or anything to your sd card.
It is about the twitter tab security flaw and the recent patch by HTC.
A patch could only be installed to the device, since patches need to replace files on the device.
Still getting login error!
I'm still getting login error problem on my HTC HD2 o2 uk phone, this update and the HTC HD2 Peep Security update on the HTC website http://www.htc.com/europe/SupportViewNews.aspx?dl_id=1085&news_id=866 doesn't work
Is anyone else getting this problem?
ramonguthrie said:
I'm still getting login error problem on my HTC HD2 o2 uk phone, this update and the HTC HD2 Peep Security update on the HTC website http://www.htc.com/europe/SupportViewNews.aspx?dl_id=1085&news_id=866 doesn't work
Is anyone else getting this problem?
Click to expand...
Click to collapse
Please try to keep up.
This fix has nothing to do with login errors.
This fixes a security vulnerablity.
Without the fix, user name and password are sent in plain text through http.
With the fix, oauth is used instead, so each request does not send this information. And when it initially is sent to authenticate, https is used.
The twitter tab works for just about everybody. And the fact that no one else is reporting problems since applying the fix indicates that the fix does not have a problem.
Things to check:
Do you have a twitter acount?
Are you entering your twitter user name and password correctly?
Is your twitter account locked by twitter? (try using it with your computer)
Do you have a data plan?
Do you have a strong cell signal with Edge or 3G service?
Have you tried soft resetting your device?
Are you in the UK?
If not, does the country you are in block access to twitter?
Can you browse web pages with your phone?
No need to reply to this reply to your post since your post was not on topic for this thread.
JVH3 said:
Please try to keep up.
This fix has nothing to do with login errors.
This fixes a security vulnerablity.
Without the fix, user name and password are sent in plain text through http.
With the fix, oauth is used instead, so each request does not send this information. And when it initially is sent to authenticate, https is used.
The twitter tab works for just about everybody. And the fact that no one else is reporting problems since applying the fix indicates that the fix does not have a problem.
Things to check:
Do you have a twitter acount?
Are you entering your twitter user name and password correctly?
Is your twitter account locked by twitter? (try using it with your computer)
Do you have a data plan?
Do you have a strong cell signal with Edge or 3G service?
Have you tried soft resetting your device?
Are you in the UK?
If not, does the country you are in block access to twitter?
Can you browse web pages with your phone?
No need to reply to this reply to your post since your post was not on topic for this thread.
Click to expand...
Click to collapse
My Peep app stop working in January, there are no problems with my twitter account, all I'm looking for is a solution or fix!
Do you know where i can get a Peep.cab?
ramonguthrie said:
My Peep app stop working in January, there are no problems with my twitter account, all I'm looking for is a solution or fix!
Do you know where i can get a Peep.cab?
Click to expand...
Click to collapse
As I previously said, this thread is dedicated to the HTC Security Patch for the twitter tab.
I suggest either looking for a thread dedicated to the twitter tab not working or creating your own thread in the question and answer section.
http://forum.xda-developers.com/forumdisplay.php?f=456
This thread is not the appropriate place for your question.
My HTC Peep stopped working on my Rhodium after installing this update. Peep worked right up until I installed the HTTPS Fix.
Verizon TP2, using the Custom ROM --> Verizon MR2 Fixed by Mr. X
(ROM Found here)
http://forum.ppcgeeks.com/cdma-tp2-...zon-mr2-fixed-mr-x-boots-unlocked-device.html
I see the "Tap Here to Authenticate" Screen
I type in Username/Password (which works when logging into the website)
HTC Peep tries to log in, but I get an error --> "You entered an incorrect username or password."
I cleaned out the Temp folder to try and get a fresh start, but no luck.
I tried to uninstall, but I am unable to uninstall properly.
I tried to Re-install, but no luck.
I shut down Sense, re-installed, and rebooted and turned on Sense, no luck.
So, minus doing a brand new ROM flash it looks like this .CAB tanked the Twitter tab for me. I didn't really want to keep using it unsecured, but it sucks that the update stopped it from working altogether.
When on xda-developers website: anytime I've had a link on the website which required me to go to Multiupload to get a file to download, I am always redirected to this website, lnx.lu & I can't get the file I wanted. This VERY aggravating!!!! Is this just me or are others experiencing this also?
lnx.lu is a site forwarder. It's like go.to/blah, or tinyurl.com/blah, except that you also get money the more people click on your link. The site probably requires javascript enabled to function. Also, some mobile browsesrs don't like these forwarding sites, and will throw an error. Worse come to worst, find a direct link to the file, or just search the internet for the file name.
post-mortem said:
lnx.lu is a site forwarder. It's like go.to/blah, or tinyurl.com/blah, except that you also get money the more people click on your link. The site probably requires javascript enabled to function. Also, some mobile browsesrs don't like these forwarding sites, and will throw an error. Worse come to worst, find a direct link to the file, or just search the internet for the file name.
Click to expand...
Click to collapse
You're probably correct, but I have noticed this result using more than one link on xda-developers, in fact there were quite a few. Also, I have used many links before, even ones that now guide me to this page. It makes me think that 1) I have something wrong w/my PC or 2) the site has been compromised (HIGHL UNLIKELY).
& oh, BTW, this happened using my desktop, not a mobile browser.
Hi guys,
Wondering if anyone can help me fix this issue. Only started occurring today for some reason after a reboot.
Basically I'm logged in to XDA with the app, however I can't reply or view notifications etc as it comes up with an error "security error (user may not have permission to access this feature)"
The same error occurs when I try with tapatalk.
Strangely though I'm still getting notifications like before, I just can't view them when I open the apps.
I can log in with no problems using tapatalk on my iPad and using web browser.
Tried clearing cache, reinstalling apps, wiping app data and reboot with no success.
Is there any way to get these working again?
Also, this doesn't happen when I'm on wifi. I searched these forums and google and found one post from 2011 saying to uncheck 3g compatibility in settings but I can't find that setting anywhere in the app or in general phone rings
Sent from my SM-G900F using XDA Premium 4 mobile app
Bump. Anyone have any idea how to fix this please?
wtzky said:
Bump. Anyone have any idea how to fix this please?
Click to expand...
Click to collapse
Same issue, i thought at first it may have been redirects through tapatalk servers breaking. Disabled those, with crappalins. After doing that it persisted and then found links from 2012/13 where the problem existed and they said that any links that involved search would be disabled via applications to help server load(as they were under heavy load)
I can't confirm as nobody else is talking about it but I'm still effected on/off. Hard linked threads like "Q&A" of any given device will work but things that require a search like "participated" for your username don't generally work.
Not a solution, but sharing of sufferage.
byte9 said:
Same issue, i thought at first it may have been redirects through tapatalk servers breaking. Disabled those, with crappalins. After doing that it persisted and then found links from 2012/13 where the problem existed and they said that any links that involved search would be disabled via applications to help server load(as they were under heavy load)
I can't confirm as nobody else is talking about it but I'm still effected on/off. Hard linked threads like "Q&A" of any given device will work but things that require a search like "participated" for your username don't generally work.
Not a solution, but sharing of sufferage.
Click to expand...
Click to collapse
Do you also have the same problem with the XDA app? I find it really strange that this behaviour occurs over 2 apps.
It's also started occurring intermittently now ; may work completely fine for 3 days then it breaks for a couple of days.
I don't use XDA app but it's not the app. All times I've read of it both apps are effected. Its server side whether mobile portal overload or intentional dispersement of traffic by server Admins.
Sent from my SM-G900T using Tapatalk
I have a somewhat similar problem, I can't seem to use this app while on my home wifi, but if I connect to my mobile network (Verizon) the app loads and works perfectly. My home wifi always causes the app to say failure to load, even though everything else with my home wifi works. Ive tried clearing data, uninstalling/reinstalling. No luck.
Sent from my XT1060 using XDA Free mobile app
Yeah, me too. Login problem, for the development, please fix this problem ASAP. Thank in a tons.
I have the same trouble. If someone will solve it, I will be very thankful if you will write the solution here
adinahmadin said:
Yeah, me too. Login problem, for the development, please fix this problem ASAP. Thank in a tons.
Click to expand...
Click to collapse
WolandPetrov said:
I have the same trouble. If someone will solve it, I will be very thankful if you will write the solution here
Click to expand...
Click to collapse
First of all, you revived a thread from 2014 lol.
And second, around the 30th of November, XDA will have a big update, including the app. So your problem may be fixed by the upcoming update. Read more here : https://www.xda-developers.com/big-changes-to-xda-forums-are-coming-soon/
So this worked for me on metro pcs Moto e5 plus but I'm sure it will work for other carriers as well.
YOUR PHONE MUST BE ROOTED AND THERE ARE PLENTY OF GUIDES FOR THAT.
You will need two things
First a VPN (you will find many VPN for free..the one I have tried it with is Hola VPN. I haven't tried any others as that one gave me good speed and it was free.
Next is HotspotVPN. Also a free app that is available on the app store..
https://play.google.com/store/apps/details?id=be.mygod.vpnhotspot
What this is doing is creating a hotspot through the VPN which it doesn't detect actual usage. To test I downloaded a 2 gb file and than of course checked and it didn't show any usage.
So step 1 is after both are installed open holavpn. When you turn on the VPN you will scroll in the app till you see the hotspot VPN app. It will ask you to open it.
2. Now that you are in the app you will turn on hotspot and than above that will show another option of wlan0. Once you turn that on it will ask for root access which of course you will grant.
Very simple setup and took me some time to research on getting a unlimited hotspot. I will say sometimes after shutting it down it will stop data on my phone. You don't have to reboot just put it in airplane mode and than take it off and it will fix that issue.
If you have any issues please post and I will try and respond asap.
Just used expressvpn and it worked also. So it should work with any VPN.
I highly doubt this works but I can't tell because there are about a MILLION apps on the Play store called "HotspotVPN"
Who made the app you're referring to? Link please..
And not calling you a liar, it just seems highly improbable that you "stumbled onto" something that no one else in the ENTIRE MetroPCS/T mobile community has yet to discover.
Has anyone else tested this?
Sorry for late response. https://play.google.com/store/apps/details?id=be.mygod.vpnhotspot
I'm honestly telling you this does work. Maybe I got lucky in my research. Infact I'm not even sure how I found this out as I googled hardcore on this..lol
Mattswad said:
I highly doubt this works but I can't tell because there are about a MILLION apps on the Play store called "HotspotVPN"
Who made the app you're referring to? Link please..
And not calling you a liar, it just seems highly improbable that you "stumbled onto" something that no one else in the ENTIRE MetroPCS/T mobile community has yet to discover.
Has anyone else tested this?
Click to expand...
Click to collapse
To be honest here why wouldn't I be able to find what others haven't? Though I may not be able to code a new rom doesn't mean I can't actually find a way to do something. So I when you do try it and it works I hope you can admit you were wrong. If I could post screen shots of it working I would but can't think of any screenshot that would prove it.
IDrinkTooMuchCoffee said:
Wondering if that app is the one listed here:
https://gizmodo.com/at-least-20-vpn-and-ad-blocking-apps-with-35-million-do-1842228757/amp
Might not want to use it
Click to expand...
Click to collapse
Those are only VPNs not the hotspot app. Please read before posting. You can choose your own VPN so no worries on that.
If you try this please post that it is working so others may see that or if you ran into any issues so that I can answer them.