If anyone interested in Google's server side Android sign in security is reading this forum, would they please look in to this problem.
There is no way at all in userland to disable the sign in permission for Mightytext once it has been agreed to using Android. This is a big security issue because it breaks the published specs of how the server side sign in token should work. On Saturday, 21 March 2015 20:52:12 UTC, Gareth Davies wrote: > > Anyone concerned about this easily replicable security breach? -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
