egzthunder1 · Feb 14, 2011 at 09:00 pm

XFinity App for Android Sharing Passwords

While we normally like to write about good things going on in the Android world, we also like to warn people about potential dangers to them. XDA member aBSuRDiST posted a thread regarding the XFinity Android app. For those of you outside of the US, XFinity (Comcast) is a cable provider in the US and this app allows the user to have control over various things such as DVR settings and more. The member discovered by reading the activity put out by the app, that this openly reveals both username and password of the user in question. Telling the app to not remember this information seems to not work either.

It would be interesting if those of you with this app can reproduce this. For this you will need something to see the logcat generated in your device. Please leave your comments below if you notice any other weird behavior by this app.

My system log shows <userName>MYUSERNAME@comcast.net</userName> and <password>MYPASSWORD</password> on a line that starts with “D/HTTPManager”. I read the log using aLogcat (app available in the market). Open aLogcat, press menu and filter for “password”. After I clear my log (using aLogcat) that line reappears even when I haven’t used the Xfinity app. I don’t use my comcast credentials in any other app.

You can find more information in the original thread.

Want something published in the Portal? Contact any News Writer.


_________
Want something on the XDA Portal? Send us a tip!
TAGS:

egzthunder1

egzthunder1 is an editor on XDA-Developers, the largest community for Android users. I have been an active member of xda-developers since 2005 and have gone through various roles in my time here. I am Former Portal Administrator, and currently part of the administrator team while maintaining my writer status for the portal. In real life, I am a Chemical Engineer turned Realtor in the Miami area. View egzthunder1's posts and articles here.
Brian Young · Jul 7, 2015 at 12:26 pm · 1 comment

Earthquake Early Warning in Your Pocket

Probably all of us reading this have a smartphone in our pocket. For many of us, the smartphone has become our primary method of reading and writing e-mails, messaging, and browsing the web. Though proclamations that "smartphones have replaced the personal computer" typically fall on deaf ears, the statements aren't without merit. Indeed, smartphones have "replaced"—or more accurately, "displaced"—PC's in several areas that they have traditionally been dominant. But how many of you look into your pocket, or on your desk, and...

XDA NEWS
Aamir Siddiqui · Jul 7, 2015 at 10:39 am · 1 comment

Sony: The OEM You Want To Save

In our recent Discuss article, we asked you readers on which OEM you would like to help. While the answers we received were varied, a lot of these responses and top comments stood out for helping one OEM: Sony. Some excerpts from our discussion are as below: And many more follow suit. Needless to say, many believe that Sony Mobile as a company is great and is worth saving. And all of these would be happy to hear that Sony will...

XDA NEWS
Jimmy McGee · Jul 7, 2015 at 06:00 am · 2 comments

How to Lock and Protect Your Apps – XDA Xposed Tuesday

The smartphone revolution has passed. Everybody has mobile apps. Some of these apps have access to very important information. Your mobile banking app gives you access to your money. Your Dropbox app could hold your secret plans to world domination. These apps should have greater protection than your Trivia Crack game. In this episode of XDA Xposed Tuesday, XDA TV Producer TK reviews an Xposed Module that enables you to control access to your apps. XDA Senior Member defim created...

XDA NEWS
Share This