By John Gruber
WorkOS: APIs to ship SSO, SCIM, FGA, and User Management in minutes. Check out their launch week.
Interesting report by David Sarno, writing for the LA Times:
But security researchers have disagreed with conclusions drawn from Eckhart’s analysis.
“It’s not true,” said Dan Rosenberg, a senior consultant at Virtual Security Research, who said the video shows only diagnostic information and at no point provides evidence the data is stored or sent back to Carrier IQ. […]
Instead, the readouts on Eckhart’s video that occur when he presses keys are “debugging messages” — informational feedback meant to help smartphone programmers verify that their applications are working correctly. In this case, Carrier IQ’s developers appear to have set up the program to display a diagnostic message when a key is pressed or when a text message is sent.
My question, after reading this: Do other apps on the device have read access to these debugging logs? Can App A read the keystrokes you typed in App B, because behind the scenes Carrier IQ’s daemon was logging those key presses?
★ Friday, 2 December 2011