Yurgon Posted June 19, 2015 Share Posted June 19, 2015 Today I read an article about privacy concerns with Tapatalk: Tapatalk-Plug-in liest Daten von Forennutzern aus (German) According to the article, the plugin that Tapatalk offers to forum hosters may collect usernames and email-adresses of all forum users in order to send email notifications about "trending topics" to these users. The article also states that the plugin collects data of users regardless whether they ever had the plugin installed or not. If I read correctly, Tapatalk calls this a "Beta" program which is only active for selected sites. However, the forum that discovered that did not opt in to this feature, which Tapatalk described as a mistake on their behalf. To make sure Tapatalk does not collect this kind of data, the article says to set the following value to "0": mobiquo/config/config.php: allow_trending = 0 Since AFAIK the ED forum makes use of Tapatalk, the admins may want to check this. 1 Link to comment Share on other sites More sharing options...
SilentGun Posted June 20, 2015 Share Posted June 20, 2015 so, how would you change that value on a mobile device? Link to my Imgur screenshots and motto http://imgur.com/a/Gt7dF One day in DCS... Vipers will fly along side Tomcats... Bugs with Superbugs, Tiffy's with Tornado's, Fulcrums with Flankers and Mirage with Rafales... :)The Future of DCS is a bright one:) Link to comment Share on other sites More sharing options...
Yurgon Posted June 21, 2015 Author Share Posted June 21, 2015 so, how would you change that value on a mobile device? As I understand it, there's nothing any of us can do, no matter how we visit the forum (desktop or mobile, Tapatalk or browser, doesn't matter). The forum admin/webmaster needs to configure this setting on the server-side, so I'm hoping we'll get a confirmation from Const or another one of the PHP and server wizards. ;) Link to comment Share on other sites More sharing options...
ED Team const Posted June 22, 2015 ED Team Share Posted June 22, 2015 Thanks. This option was turned off. Link to comment Share on other sites More sharing options...
Yurgon Posted June 22, 2015 Author Share Posted June 22, 2015 Thanks. This option was turned off. Excellent, thanks! :thumbup: Link to comment Share on other sites More sharing options...
Home Fries Posted June 29, 2015 Share Posted June 29, 2015 I just got an email saying that someone attempted to access my account via anonymous proxy (locked out for 15 mins after 5 password attempts). I wonder if that attempt could be due in part to this vulnerability before it was squashed. -Home Fries My DCS Files and Skins My DCS TARGET Profile for Cougar or Warthog and MFDs F-14B LANTIRN Guide Link to comment Share on other sites More sharing options...
Yurgon Posted June 29, 2015 Author Share Posted June 29, 2015 I just got an email saying that someone attempted to access my account via anonymous proxy (locked out for 15 mins after 5 password attempts). I wonder if that attempt could be due in part to this vulnerability before it was squashed. I don't know for sure, but I don't think so. The problem with Tapatalk was that, depending on the forum's Plugin-settings, Tapatalk might retrieve usernames and email-addresses from the forum and then send potentially unsolicited emails to some of the forum users. I'm not aware of an actual leak of any of these data outside of Tapatalk, and also Tapatalk said their plugin only collected this kind of data for specific sites that had opted in (of course, in the case of the forum mentioned in post #1, the forum owner had not opted in, which Tapatalk described as an error on their side). In any case, for all I know, no data was actually leaked to anyone outside of Tapatalk. Quite possibly, someone's just guessing random usernames or tries to deduce login-names from the forum name. Unless your actual password appears somewhere on top of lists of popular passwords ("12345", "aaa", "password", you know, stuff like that :smartass:), I wouldn't worry. Link to comment Share on other sites More sharing options...
Home Fries Posted June 29, 2015 Share Posted June 29, 2015 Unless your actual password appears somewhere on top of lists of popular passwords ("12345", "aaa", "password", you know, stuff like that :smartass:), I wouldn't worry. :megalol: Thanks for enlightening me on the issue. :thumbup: -Home Fries My DCS Files and Skins My DCS TARGET Profile for Cougar or Warthog and MFDs F-14B LANTIRN Guide Link to comment Share on other sites More sharing options...
Yurgon Posted June 29, 2015 Author Share Posted June 29, 2015 :megalol: Thanks for enlightening me on the issue. :thumbup: Haha, awesome movie quote! :D Link to comment Share on other sites More sharing options...
Recommended Posts