PlainText Stories January 17, 2014

Starbucks quickly adds additional ‘safeguards’ to its app in response to public furore over application security

Starbucks has quickly pushed a bug fix update for its app to the store to help address the security flaws found in its iPhone application earlier this week. Researchers originally found that the app stored passwords in plain text. Earlier, Starbucks’ CIO promised in an open letter that an update would follow in response to these findings.

PlainText Stories January 16, 2014

Starbucks confirms that its iOS app stores passwords in plain text

Starbucks has confirmed a finding by security researcher Daniel Wood that both username and password in its iOS app are stored in plain text.

It’s not the big deal some are making it out to be – to make use of it, someone would need physical access to your unlocked iPhone, in which case you likely have bigger things to worry about than someone being able to order tall skinny lattes on your dime. Additionally, as Engadget observes, a far easier hack by someone with access to your phone would simply be to take a photo of the on-screen barcode used to authorise payments.

All the same, it is pretty poor design on the part of a payment app from a major company, and it’s surprising that Starbucks apparently has no plans to fix it with an updated app.

PlainText Stories January 3, 2014

As you doubtless gathered from my recent Scrivener review, I’m a massive fan of the best Mac app I’ve ever used for creative writing. The TL;DR version is that I wouldn’t dream of attempting to write a novel in anything else. My only real grumble is that we’ve as yet seen no sign of the long-promised iPad version of the app.

I’ve used PlainText with a Dropbox sync as a way of working on Scrivener projects on my iPad, and that works well enough at the writing stage. At the planning, stage, though, I love the corkboard interface. I was thus really interested to see an iOS app that not only provides a very similar corkboard view, but which can export and import to and from Scrivener …  expand full story

Powered by WordPress.com VIP