Air Canada iPhone app
#751
A FlyerTalk Posting Legend
Join Date: Sep 2012
Location: SFO
Programs: AC SE MM, BA Gold, SQ Silver, Bonvoy Tit LTG, Hyatt Glob, HH Diamond
Posts: 44,331
Although I'm not a fan of that happening, if the app developer wants to include the functionality shouldn't they have the requirement to divulge this to me in their privacy statement? And yes, most people, including myself, will probably just gloss over it and check the "I agree" box.
But at least Apple worries about my privacy, Apple tells app developers to disclose or remove screen recording code - TechCrunch
But at least Apple worries about my privacy, Apple tells app developers to disclose or remove screen recording code - TechCrunch
#752
Join Date: Nov 2017
Posts: 3,359
AC App Caught Spying on Users
Spotted on TechCrunch earlier today:
https://techcrunch.com/2019/02/06/ip...y-screenshots/
It would appear that the AC mobile application uses the Glassbox to secretly take screenshots of users using their application which could later be used for analysis. Quoting from the article:
This perhaps might explain the AC data breach from a couple of months ago. Food for thought!
Safe Travels,
James
https://techcrunch.com/2019/02/06/ip...y-screenshots/
It would appear that the AC mobile application uses the Glassbox to secretly take screenshots of users using their application which could later be used for analysis. Quoting from the article:
The App Analyst, a mobile expert who writes about his analyses of popular apps on his eponymous blog, recently found Air Canada’s iPhone app wasn’t properly masking the session replays when they were sent, exposing passport numbers and credit card data in each replay session. Just weeks earlier, Air Canada said its app had a data breach, exposing 20,000 profiles.
“This lets Air Canada employees — and anyone else capable of accessing the screenshot database — see unencrypted credit card and password information,” he told TechCrunch.
“This lets Air Canada employees — and anyone else capable of accessing the screenshot database — see unencrypted credit card and password information,” he told TechCrunch.
Safe Travels,
James
#753
Suspended
Join Date: Sep 2014
Programs: AC SE100K-1MM, NH, DL, AA, BA, Global Entry/Nexus, APEC..
Posts: 18,877
Spotted on TechCrunch earlier today:
https://techcrunch.com/2019/02/06/ip...y-screenshots/
It would appear that the AC mobile application uses the Glassbox to secretly take screenshots of users using their application which could later be used for analysis. Quoting from the article:
This perhaps might explain the AC data breach from a couple of months ago. Food for thought!
Safe Travels,
James
https://techcrunch.com/2019/02/06/ip...y-screenshots/
It would appear that the AC mobile application uses the Glassbox to secretly take screenshots of users using their application which could later be used for analysis. Quoting from the article:
This perhaps might explain the AC data breach from a couple of months ago. Food for thought!
Safe Travels,
James
Yup, posted in the AC iOS App thread yesterday
https://www.flyertalk.com/forum/30748124-post740.html
#756
FlyerTalk Evangelist
Join Date: Jun 2003
Location: YYC
Posts: 23,804
Don't ask... While Apple professes to believe in privacy to some extent, google is clearly a bigger spying organization than the CIA or the FSA. Not just third parties as it was the case with the AC app, but themselves. Disable the google spyware, chrome stall, when firefox just ignores and goes on. What will it take for peole to recognize that they have willingly let their privacy be compromised, to the benefit of advertisers and large organizations such as airlines and amazon. And obviously google.
#757
A FlyerTalk Posting Legend
Join Date: Sep 2012
Location: SFO
Programs: AC SE MM, BA Gold, SQ Silver, Bonvoy Tit LTG, Hyatt Glob, HH Diamond
Posts: 44,331
The Android app also uses (used?) Glassbox. Whether it had the same issue of not masking sensitive fields, I'm not sure.
Or just wear a tinfoil hat.
Don't ask... While Apple professes to believe in privacy to some extent, google is clearly a bigger spying organization than the CIA or the FSA. Not just third parties as it was the case with the AC app, but themselves. Disable the google spyware, chrome stall, when firefox just ignores and goes on. What will it take for peole to recognize that they have willingly let their privacy be compromised, to the benefit of advertisers and large organizations such as airlines and amazon. And obviously google.
#759
Join Date: Mar 2001
Location: Toronto, ON
Programs: AC 75K
Posts: 6,363
#760
Suspended
Join Date: Sep 2014
Programs: AC SE100K-1MM, NH, DL, AA, BA, Global Entry/Nexus, APEC..
Posts: 18,877
So I go back and check in via mobile browser. Sometimes it works.
Or, I go back and check in on the desktop browser and get the email with the links.
And sometimes even if it shows I'm checked in, I get this nonsense.
#761
Join Date: Oct 2010
Location: YXU/YYZ
Programs: AC SE, AMEX Plat, Marriott Gold, NEXUS/GE
Posts: 598
#762
Join Date: Aug 2014
Location: YQB
Programs: AC SE
Posts: 2,139
#763
Join Date: Dec 2015
Location: YHZ
Programs: AC SE100K, AC 1MM, Marriott Gold, Hilton Gold,Hertz something or other, Sandals Sapphire, etc
Posts: 1,163
#764
Original Poster
Join Date: Apr 2000
Location: Mississauga Ontario
Posts: 4,104
Are you assuming they can?
Also, almost all of the iOS app updates contain the words "General bug fixes..." The AC app wastes battery as it twirls around, it takes forever to load the current trip, slightly less than forever to load the list of trips and has 1/10th of the information that the UA app offers and significantly less features than BR, SQ, LX, LH and the other airline apps I use. IMHO.
I am in awe of the constant "Invalid Password/ credentials" window that pops up, only to be perfectly fine if I quit the app and then re-open.
Plus, lots of fun trying to do OLCI in the app. Take me less time and I get better results using the AC mobile website and check-in.
But I digress...
Also, almost all of the iOS app updates contain the words "General bug fixes..." The AC app wastes battery as it twirls around, it takes forever to load the current trip, slightly less than forever to load the list of trips and has 1/10th of the information that the UA app offers and significantly less features than BR, SQ, LX, LH and the other airline apps I use. IMHO.
I am in awe of the constant "Invalid Password/ credentials" window that pops up, only to be perfectly fine if I quit the app and then re-open.
Plus, lots of fun trying to do OLCI in the app. Take me less time and I get better results using the AC mobile website and check-in.
But I digress...
Haven't checked in here for a while....in this thread. I thought it was just me. I'm experiencing all of these. The iPhone app has gone from being one of the best, to one of the worst.
Did IBM take it over or something?