Related
Hey Everyone,
Wanted to tell all of you about a neat app we're developing, called Flexilis.
It's a mobile security suite for Windows Mobile devices, that keeps your device and data safe from loss, theft, hackers, viruses, malware, spam, and more.
We've currently opened signups for our private beta testing, if you're interested in checking it out, just hit up http://beta.flexilis.com and sign up, and feel free to chat about the product here
If anyone has questions or runs into trouble, just shoot us an email at [email protected] and we'll help you out!
-Chris
Community Director,
Flexilis Inc.
[email protected]
Also, if any of you request an invite and it hasnt gotten granted within a day or so, let me know and I'll take care of it.
If you weren't asking for so much personal information, you might actually get people to try your app...
we're actually working on revising that, the reason we ask for the phone number is because it's used to sms you your download link for the software later on in the process, we're in the process of moving that to later on in the process, as well as an explanation of why we ask for it.
Thanks for the feedback!
-Chris
NRGZ28 said:
If you weren't asking for so much personal information, you might actually get people to try your app...
Click to expand...
Click to collapse
Hey man,
nice thing with this soft, that we give the phone number is not so a big problem i think. could you post a little bit infos about the program? Cause on your side there a not many informations.
But i ithink i'll give it a try...
I just have one little question, on you privacy page you write:
When you use the Flexilis Services, our servers automatically record certain information about your usage. These logs may include information such as the IP address, mobile device identification number, phone number, operating system, version information, wireless carrier, web requests, browser type, browser language, referring pages, landing pages, pages viewed, or other usage information.
Click to expand...
Click to collapse
Why do record the pages we visit?
we're still working on a little bit of a tour/walkthrough area of the software on the front page, as we get closer to public beta, but for now there's nothing there yet. My first post in this thread gives a brief summary of it though. Feel free to shoot me an email at [email protected] with any questions!
-Chris
There's nothing in the software that tracks the pages you view or anything, what that refers to is on our end we track what pages users use on the flexilis website the most, much the same way other websites do, to track what pages and content on our site our most popular, etc.
JeckyllHavok said:
I just have one little question, on you privacy page you write:
Why do record the pages we visit?
Click to expand...
Click to collapse
I'm still not sure what your program do, but it certainly doesn't behave the way I expect.
1) Why to require authorization so often?
2) Contrary to the stated phone number is not accepted for authorization. Only email.
3) I don't really know what you mean by "a few minutes", but currently Flexilis is authorizing my phone already for more than two hours. I see no progress bar and I don't understan what's going.
4) I can't stop authorization process.
5) Why the authorization process continues even when I close all connections? Did you invent new method of communication?
6) The program is hidden from task managers and process viewers. What for?
I didn't sniff the traffic but currently behavior of your program reminds more of malware rather than security software.
My conclusion: As I don't understand what your program is doing, I'm not going to test it anymore until additional guidance is provided.
Sorry, if I'm sounding harsh. It's just writing style (tough work, you know )
No worries
1] once it's authorized the first time, it shouldnt have to authorize again, what kind of phone are you authorizing it on? we're making some fixes to the authorization process to make it even simpler that should roll out in the next release.
2] if you're outside of the US, you might need to add your country code and such if that's the case, let me know, or send me an email to [email protected] so we can look into it.
3] per all authorization questions, it'll try til its authorized, again we're fixing this.
4] per the it being hidden from task managers, we've given this some discussion, for right now it's a security feature to try to prevent theives from disabling the software, though we might fix that in the future to have the app visible in there somehow.
As far as being more indepth on all of the features, we are working on a tour of sorts to explain it all before the beta goes public.
Thanks for the feedback!
-Chris
mrcaze said:
I'm still not sure what your program do, but it certainly doesn't behave the way I expect.
1) Why to require authorization so often?
2) Contrary to the stated phone number is not accepted for authorization. Only email.
3) I don't really know what you mean by "a few minutes", but currently Flexilis is authorizing my phone already for more than two hours. I see no progress bar and I don't understan what's going.
4) I can't stop authorization process.
5) Why the authorization process continues even when I close all connections? Did you invent new method of communication?
6) The program is hidden from task managers and process viewers. What for?
I didn't sniff the traffic but currently behavior of your program reminds more of malware rather than security software.
My conclusion: As I don't understand what your program is doing, I'm not going to test it anymore until additional guidance is provided.
Sorry, if I'm sounding harsh. It's just writing style (tough work, you know )
Click to expand...
Click to collapse
Authorizing a device ... what a hassle. I finally gave up since I couldn't tell if it was doing anything. No more testing for or feedback from me.
fredcatsmommy: sorry it didnt work out for you. hopefully in the future when that's fixed (should be less than a week), we can lure you back, it does some amazing stuff, but we do run into bugs from time to time due to the vast number of windows mobile devices out there, and only having a small test bed of them to work with. Keep your eyes peeled, and we'll have that fixed soon!
fredcatsmommy said:
Authorizing a device ... what a hassle. I finally gave up since I couldn't tell if it was doing anything. No more testing for or feedback from me.
Click to expand...
Click to collapse
I think you need to tell us what the app actually does?
I have read this and your site and still don't know what it does?
Will hold off on trying it till I know.
How long is the initializing and activating supposed to take?
seriously, the authorizing bugs should have been worked out before releasing a beta here. we cant even tell if its running, authorizing, stealing information from our devices, etc.. I surely hope this is a legit app youre pushing, if so, FIX IT, so we can at least see what it does.
thx
I installed and authorized with no issues what-so-ever... contrary to what everyone else is saying everything seems to work just fine. works great and doesn't seem to take much memory... not a single complaint here!
Advertising your application for beta purposes is usually not a problem. But, it seems you are here more for "recruiting" testers than anything else. Looks like you joined for this purpose only.
My suggestion to you, is to give a little more description on your develpoment. Seems there are too many questions going unanswered here.
jhw549 said:
I installed and authorized with no issues what-so-ever... contrary to what everyone else is saying everything seems to work just fine. works great and doesn't seem to take much memory... not a single complaint here!
Click to expand...
Click to collapse
what device do you have? did you do anything special to get it working?
I have a sprint vogue and installed to main mem and the data conn. is constantly active.
Polargoat said:
what device do you have? did you do anything special to get it working?
I have a sprint vogue and installed to main mem and the data conn. is constantly active.
Click to expand...
Click to collapse
I have an HTC Mobul/Titan using default Rom/Radio with WinMo 6.1
To install it I just did what I would any other and installed it onto internal memory...
Correction: The application works just fine if you don't have push e-mail (aren't connected to a remote exchange server), I have been having problems all day with my push e-mail from mail2web which I use to forward my work e-mail to my phone. I have therefore decided to remove it as I can't afford to have it interfere with work.
If this isn't in the right place, please move it mods.
Basically I think that the market is a bit incomplete.
There are changes I'd like to be made and i've voiced my concerns with google.
Now I need the community backing to actually see these things implemented.
To read about the suggestions and comment, visit this link
http://www.google.com/support/forum/p/Android+Market/thread?tid=3c9422da6b79a597&hl=en
I try and address problems with the market and even underlying Android issues that have yet to be resolved.
Add your input and they'll have to listen.
Good idea... You might also add to the list a way to delete apps from download that won't be used anymore. I have three in my download that I will never install again and can't get them off the list. Imagine a few of those in there and it starts to take up alot of space with apps you aren't interested in anymore.
I posted a reply there as it seems to have gotten some attention there. Some of the issues are already in feature request on android issues, I linked to them. Starring the issues increases chances someone will take care of it.
Suggestion added Jeffro.
Thanks for posting Areinu!
If I could make suggestions for Android Market:
(1) Fix all this missing protected apps for new device / firmware quickly
http://forum.xda-developers.com/showthread.php?t=665742
This is silly issue and will only hurt Android platform. This will greatly discourage Android developers for making good apps.
I want to support Android, I want to make it success! I can do this by spending money on Android apps, but I simply cant because of this issue.
And I am afraid this will repeat once new firmware released.
Take a look how long this issue is ... ridiculous
(2) Remove restrictions on countries for purchasing apps
Right now, certain countries like Sweden for example cannot even see the apps!
(3) Add ability to FILTER apps TITLE
I want to "hide" all those WALLPAPERS, SEXY whatnot.
Android is nice, really nice platform. But this Android Market issues are blocking its success.
here in Denmark we can't even see non-free apps in the ma market. because of this, users of ex. iPhone won't even try the platform. its sad really.
Sent from my HTC Legend using the XDA mobile application powered by Tapatalk
Filtering is very much needed. I tend to view the 'just in' apps, but lately its just a list of MMCANDROIDs latest releases of boarderline under age Asian girls. Its really annoying that you cant block out the stuff you have no interest in.
I'm adding them as they come.
Post a comment on the page to make sure Google eventually sees it.
Do you guys still use Autokiller in the new Fresh Toast?
I use it. Dont really want to go and use the task killer so i let the auto killer do it. I set it to aggressive. Keeps my phone fast.
Many people use it. The only reason flipz stopped including it because he noticed it was reporting your location to the dev. The dev since then has removed it from the app.
ALSO THERE IS A SECTION CALLED.. QUESTIONS AND ANSWERS
Please post in the right section from now on. The only thing that belongs in Development is something that you provide to others to use for your computer, phone or others means of developing towards "android" or "htc hero"
yes, i have flurry analytics included to better understand the usage of my application, and it also collected location information, but i have disabled this feature a few weeks ago...
Mod edit: not dev related, moved to general
ratson said:
yes, i have flurry analytics included to better understand the usage of my application, and it also collected location information, but i have disabled this feature a few weeks ago...
Click to expand...
Click to collapse
why would u need location info and dont give me that "to better understand your clientele" crap.... thats why i dont use it anymore i dont want flurry analytics or location info being recorded
I have already reported to the creator of autokiller that the app doesn't seem to function anymore on most of the 2.1 roms ive tired. It's a shame as it used to be a really useful app.
I have a question that is purely out of curiosity. I'm not a developer, nor do I have any desire to become one... at this time.
In the process of answering questions for my father about his new Android phone, I came across the Android Developers website. Being the infinity curious person that I am, I started to browse through it and came across something that I was particularly curious about, the "Forward-Locked Application" market filter. It states that an application in the market can be set to not be visible to developer devices and unreleased devices. What I'm curious about is why would a developer not want their app to not be visible to said devices? Wouldn't it be to their advantage to allow their app to be visible, installed, and possibly tested if the owner of the developer phone or new unreleased phone so chose to do, after all, this is potentially new hardware that the app developer may not have support for in their app. Now not being a developer myself, I'm sure there are valid reasons for the filter and I am just curious as to what they may be.
Because you haven't tested your app on a new OS build, and want ensure compatibility before offering it for sale. Other reason is that the new OS build either obsoletes, duplicates, or just plain breaks your app. An example would be the updates to the calendar API's in Android 2.2. Every calendar widget in the market that tied into the built-in calendar app ceased to function because the way it interacted with outside apps had changed.
So the lock is not in reference to developer or unreleased hardware, it pertains to developer or unreleased software or OS?
They would check build/version number in the build.prop or whatever they use... It's just like how FroYo builds couldn't see protected apps while it was in pre-release.
garfnodie said:
So the lock is not in reference to developer or unreleased hardware, it pertains to developer or unreleased software or OS?
Click to expand...
Click to collapse
yes this is correct. The developer phones have different software that allow native root access and this would be defined in the build.prop . That would also allow people to rip applications and pirate them.
That switch is mainly a quality assurance/anti-piracy measure.
ATnTdude said:
Because you haven't tested your app on a new OS build, and want ensure compatibility before offering it for sale. Other reason is that the new OS build either obsoletes, duplicates, or just plain breaks your app. An example would be the updates to the calendar API's in Android 2.2. Every calendar widget in the market that tied into the built-in calendar app ceased to function because the way it interacted with outside apps had changed.
Click to expand...
Click to collapse
Actually, those apps that broke, broke because they were using private APIs. As explained, if you stick to public APIs your app should not break when updating OS iterations because ALL APIs are frozen as soon as a release is cut.
Here's another question then, are app's allowed to do automatic bug reporting back to a developer with out the user consent, or even with the users consent. It seems to me that say Google is testing Android 3.0, and one of their in house testers decides to install your app, but your app does not support 3.0 for whatever reason, if there is automatic bug reporting, you could be made aware of a potential incompatibility with a new API and have time to fix it long before the new OS is ever released. This all could never happen though if you have the market filter set.
garfnodie said:
Here's another question then, are app's allowed to do automatic bug reporting back to a developer with out the user consent, or even with the users consent. It seems to me that say Google is testing Android 3.0, and one of their in house testers decides to install your app, but your app does not support 3.0 for whatever reason, if there is automatic bug reporting, you could be made aware of a potential incompatibility with a new API and have time to fix it long before the new OS is ever released. This all could never happen though if you have the market filter set.
Click to expand...
Click to collapse
bug reporting is going to be a new feature of 3.0. I dont think many if any apps have their own built in bug reporting. Also it really is on the developers side if their app doesnt work with new OS revisions. They should program their apps in such a way that they wont have to make drastic changes for updates. Google also give plenty of time for developers to make fixes before the first iterations of the new update goes out (almost 1 month in the case of froyo)
however some developers just dont care (e.g Co-Pilot)
Most people don't yet know that many Android software leak all sorts of information to the internet with only scant user acknowledgement (basically what you accept when you install the app).
Due to this and the fact that there are already privacy information harvesting apps for Android on the marketplace - a team of security experts have created TaintDroid:
What is TaintDroid?
From the project's web page: "A realtime monitoring service called TaintDroid that precisely analyses how private information is obtained and released by applications "downloaded" to consumer phones."
From: http://appanalysis.org/index.html
How can I install TaintDroid?
As TaintDroid is currently compiled into the kernel, you cannot easily install it, but you have to cook your own kernel. Instructions (for Nexus 1) are available at the project web site: http://appanalysis.org/download.html
How does TaintDroid work?
Here's a video demonstrating how TaintDroid works once it is installed and configured:
http://appanalysis.org/demo/index.html
Why would you want to install this?
There can be many reasons for installint TaintDroid:
- You want to learn about privacy features and play with Android kernel
- As it is currently impossible to differentiate between innocent and sneaky Android apps based only on what access rights they request, you may want to dig in deeper
- You are worried about what apps are doing behind your back and you want to know which apps to uninstall
- You want to help create Android a more secure and privacy-protected platform, instead of the swiss cheese it currently is
What can you do?
As compiling kernels is mostly beyond the reach of mere mortals currently, consider cooking TaintDroid into your kernel, if you are cooking one yourself and offering it available for others to try and use.
Hopefully increased awareness and usage will bring this program eventually into other modders and perhaps even Google's attention and something more easily accessible is offered for the public at large.
BTW, I'm just a user, interested in getting TaintDroid on my own Galaxy S. I'm not affiliated with the research program, but I like what they are doing. This information is purely FYI.
+1 for the idea
Sent from my GT-I9000 using XDA App
+1
Since we cannot expect information gatherer Google to come up with a good privacy protection mechanism soon I think we are forced to take measures ourselves.
I also learned that several of my bought applications are constantly forcing me to enable synchronisation and/or 3G internet. They either randomly uninstall (Asphalt 5), their icons disappear (for example: Mini-squadron) or won't start, with (Schredder Chess) or without a message. Angry Birds Beta2 lite (free game) and Hungry Shark are 2 more examples. So much for an incentive to buy games...
It would be great if applications used a well-defined mechanism to check their validity on-line, and not have this sneaky, lingering attack from all sides to any privacy or battery consumption aware user.
I can not cook Kernels, but this is something i want to use.
Not that i am worried, but i dont know what apps are sending when you open them. Thats something i want to know!
I am sure i am not the only one.
+1
Yes please... This should be in all android phones... as a security option you could turn on!!!
Antonyjeweet said:
Not that i am worried, but i dont know what apps are sending when you open them. Thats something i want to know!
Click to expand...
Click to collapse
And do some of these applications only send stuff when you open them?
--
From a user perspective it currently is really difficult to judge applications that need to start at boot-up and deal with many facets of your computer (Launchers, tools combining lots of divers features).
Do you know some ROM where Taindroid is included?
I've posted in hardcore and laststufo kernel threads to ask if they could add it.
We just need more people wanting it so they think about adding it
exadeci said:
I've posted in hardcore and laststufo kernel threads to ask if they could add it.
We just need more people wanting it so they think about adding it
Click to expand...
Click to collapse
glad you did that
+1 support the idea. hope some of our hardworking kernel builders will add this in.
My concern is how much another real time service will affect battery life. For people trying to make the leanest, fastest kernel I'm not sure it's viable.
I have been wanting TaintDroid built into android by default since the day it was announced, but I really do not think google cares about this, so please, please ROM cookers out there (Maybe Doc?), lets add this into our galaxy S roms.
Well, this seems to work only on android 2.1
Make it so.
+1
Combined with walldroid (or other firewall) this could put back power into users hands. Would really love to see this inside hardcores kernel. Maybe as an option for the stable releases?
+1
This should be the next standard in aAndroid
idea about spoofidroid application
how about a program to spoof or make the phone send fake:
GPS location,
IMEI,
phone number,
simcard id,
etc... information to applications that ask without permission.
this way you can feed these application with information they want but without breaking your privacy. (both end sides are more than happy)
-----
nice option to have:
1) enable/disable auto generate different id every time.
2) allow list / ban list of application to have real or fake id.
3) enable/disable notify for application request.
-----
there are all ready applications that fake your simcard PLMN mobile network codes without the need of kernel rights, but you need to enable disable the flight mode to restore the default code.
===========
good luck to spoofidroid or similar applications.
Jumba said:
My concern is how much another real time service will affect battery life. For people trying to make the leanest, fastest kernel I'm not sure it's viable.
Click to expand...
Click to collapse
I hope there will be developers out there who prioritize privacy/security over speed/battery and storage usage.
I'm the project lead of the TaintDroid system. We are currently working on a few extensions of TaintDroid but unfortunately are short on engineering resources to port TaintDroid onto other systems than Nexus One that we originally developed. We'd greatly appreciate it if XDA developers would take on this effort! Many ongoing projects would hugely benefit from having easy-to-run TaintDroid ROM available for many different devices and upcoming Android systems let alone user benifit.
Thanks,
Jaeyeon
Research Scientist @ Intel Labs Seattle
Ettepetje said:
I also learned that several of my bought applications are constantly forcing me to enable synchronisation and/or 3G internet. They either randomly uninstall (Asphalt 5), their icons disappear (for example: Mini-squadron) or won't start, with (Schredder Chess) or without a message. Angry Birds Beta2 lite (free game) and Hungry Shark are 2 more examples. So much for an incentive to buy games...
Click to expand...
Click to collapse
beta2 lite? i think that was malware, make sure it came from rovio otherwise it's fake and you should delete it.
It's really scary to see with the lookout app how many apps can access to your imei, telephone number "Read Identity Info", can access your contacts, track your position, and can send out all this data.
Here a HTC Desire user, asking for some privacy.
Best regards!