MicrostockGroup Sponsors


Author Topic: MicrostockStats beta - new android app for sales statistics.  (Read 2433 times)

0 Members and 1 Guest are viewing this topic.

« on: December 13, 2013, 09:00 »
0
Hey,

I'm working on a new android app for tracking microstock agency sales.
By now it supports Fotolia, Shutterstock, iStock, Dreamstime and 123rf (more will follow).
I released it as free beta version and hope to find some users to test it.

MicrostockStats beta on Google Play:
newbielink:https://play.google.com/store/apps/details?id=de.bawegapps.microstockstatsbeta [nonactive]

In the event of problems just contact me.


Microstockr

  • Microstock analytics tools for the 21st century.
« Reply #1 on: December 26, 2013, 07:17 »
+4
I just installed the app, and i was using a sniffer to see the traffic made by the app, you app sends all the username and passwords to you website:

http://deschnuess.de/microstockstats_beta/fotoliaLogin.php (user/pass) http://deschnuess.de/microstockstats_beta/istockphotoLogin.php (user/pass) http://deschnuess.de/microstockstats_beta/shutterstockLogin.php (user/pass)

i was forced to change all my passwords to all my accounts. Please write in the app description what the app does and do not fool the users about the privacy. All the credentials are sent to your server and this is unencrypted and you can do whatever you want with them. So again please update the privacy text on your Google Play and say that the credentials are send to you server.

Thank you

« Reply #2 on: January 10, 2014, 08:49 »
0
Because the app is implemented with JavaScript and the PhoneGap framework I need PHP proxy scripts (same origin policy).
Of course the data is sent encrypted. I don't understand why you think they are unencrypted.
Even the sessionIDs are encrypted.
The server scripts are just forwarding the data to the agencies and will bring back the statistics.
I'm not storing any user data on my servers.
Of course the users have to trust my app, because it could be used to theft user data, but this is possible with every app that requiers user data.
I'm showing my full name and email address in the app description and on the info page inside the app.
It's not my intention to steal any data.

« Reply #3 on: January 22, 2014, 04:54 »
0
The app now got out of beta state.
The app description now clearly contains the fact that a PHP proxy server is used because of technical reasons.

The full version is available at:
newbielink:https://play.google.com/store/apps/details?id=de.bawegapps.microstockstats [nonactive]


You can also try this app by installing the free DEMO version:
newbielink:https://play.google.com/store/apps/details?id=de.bawegapps.microstockstatsdemo [nonactive]

Microstockr

  • Microstock analytics tools for the 21st century.
« Reply #4 on: February 02, 2014, 14:39 »
0
Because the app is implemented with JavaScript and the PhoneGap framework I need PHP proxy scripts (same origin policy).
Of course the data is sent encrypted. I don't understand why you think they are unencrypted.
Even the sessionIDs are encrypted.
The server scripts are just forwarding the data to the agencies and will bring back the statistics.
I'm not storing any user data on my servers.
Of course the users have to trust my app, because it could be used to theft user data, but this is possible with every app that requiers user data.
I'm showing my full name and email address in the app description and on the info page inside the app.
It's not my intention to steal any data.


Data is sent unencrypted to your website according to sniffer program, this is because if you send the data encrypted, you need to decrypt it to send it to Fotolia or Dreamstime to try to login into their websites, and of course you got the USERNAME and the PASSWORD and you can do whatever you want with the user credentials, so that's why i changed all my accounts after testing the app, i don't thrust any app that submits the data to an unknown website and not using HTTPS


Why don't you say in the About Tab of your app what the app is actually doing, you are avoiding the truth by omission which is a BIG LIE, the user / pass are available into you website   


 

Related Topics

  Subject / Started by Replies Last post
11 Replies
3125 Views
Last post July 07, 2010, 14:08
by vonkara
25 Replies
9746 Views
Last post December 31, 2012, 14:05
by Poncke
4 Replies
2327 Views
Last post April 27, 2012, 07:46
by bluepayphone
3 Replies
1236 Views
Last post December 19, 2012, 06:30
by Tabimura
9 Replies
3823 Views
Last post June 28, 2013, 13:49
by bspudd

Sponsors

Microstock Poll Results