It's not the connection speed that I said, but the rate that the user sends information. And, as you said and I had already stated, it was an idea but not used, because it can be forged.
I was thinking if there's a server-side strategy, because almost everything that come from the client-side can be forged, but if anybody knows something that can't be forged and identifies the user as mobile device user, please tell me. Regards, -- Lucas Palma *"If you are patient in one moment of anger, you will escape a hundred days of sorrow."* *- Chinese Proverb* On Fri, Oct 5, 2012 at 4:10 PM, Kristopher Micinski <[email protected]>wrote: > I think that anything will be able to be forged, you can always > manipulate the connection speed, that's not a reliable indicator. > > kris > > On Fri, Oct 5, 2012 at 3:08 PM, Lucas Palma <[email protected]> wrote: > > Yes, right. > > > > I was thinking that any strategy on the client side could be forged, so I > > started thinking if there's a server-side action that could be used. > > > > I thought, for example, at the speed that the user sends information, > since > > on desktop the information is typed and then sent faster than on a > mobile... > > but this could also be faked on the client side. > > > > -- > > Lucas Palma > > > > > > > > "If you are patient in one moment of anger, you will escape a hundred > days > > of sorrow." > > - Chinese Proverb > > > > > > > > On Fri, Oct 5, 2012 at 4:04 PM, Kristopher Micinski < > [email protected]> > > wrote: > >> > >> I would say that pretty much any strategy is going to be spoofable. > >> > >> You're talking from the perspective of the server, correct? > >> > >> kris > >> > >> On Fri, Oct 5, 2012 at 2:58 PM, Lucas Palma <[email protected]> > wrote: > >> > Hi everybody, > >> > > >> > There's some way to identify that the user is using a mobile device, > not > >> > a > >> > desktop? > >> > Like, I have an application, which communicates with a web service, > but > >> > anyone could access it through a desktop, and simulates that is using > a > >> > mobile device. > >> > > >> > I don't think that "user-agents", "css" and things like that will > help, > >> > since they can be forged. > >> > Someone know one or more ways to do the trick? > >> > There's some way to do it without changing the application? > >> > > >> > Thanks in advance! > >> > > >> > -- > >> > Lucas Palma > >> > > >> > > >> > > >> > "If you are patient in one moment of anger, you will escape a hundred > >> > days > >> > of sorrow." > >> > - Chinese Proverb > >> > > >> > -- > >> > You received this message because you are subscribed to the Google > >> > Groups > >> > "Android Security Discussions" group. > >> > To post to this group, send email to > >> > [email protected]. > >> > To unsubscribe from this group, send email to > >> > [email protected]. > >> > For more options, visit this group at > >> > http://groups.google.com/group/android-security-discuss?hl=en. > > > > > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
