2014-04-13 at

Android Security Peeve

Once a device is connected to a Google account, access to all that account's Google services requires no further password input - just like a browser log-in. But unlike a browser log-in, I can't just close my private browsing session to kill the Google session when I put my device on standby.

I'd prefer to have an option for per-service ACL.

"... figured out how to unify multiple Google mail and calender accounts on the standard Android apps.

Risk factor just got squared. Upped device masterkey security to max, and turns out there's a 16 character limit on the password.

Wtfbbq. #iCanHazPerServiceACLplz..."

(Not long after, the latest version of iOS includes these very flaws. I give up.)

No comments :

Post a Comment