Your data security is among the top priorities of AirDroid and industry standards are strictly implemented. For example, in Remote Connection Mode, your account credential, SMS, contacts, call logs and many other sensitive private information are all securely transmitted via HTTPS and we never store them (except your AirDroid account information, the latest location of your Android device if the Find Phone feature is activated) without your explicit consent. [/b]
AirDroid 2: Is AirDroid secure?
At present the answer is no.
HTTPS has been removed without explanation.
If you want you phone data to remain secure I suggest seek alternatives to Airdroid untill HTTPS is restored
HTTPS has been removed without explanation.
If you want you phone data to remain secure I suggest seek alternatives to Airdroid untill HTTPS is restored
Update .. a response from Airdroid revealed that changing the settings (top right) and restarting
presented HTTPS again. This freature is tucked away but still present.
So the answer appears to be a cautious yes.
presented HTTPS again. This freature is tucked away but still present.
So the answer appears to be a cautious yes.
Yes, that worked for me. Finally found the settings button
on the devices AirDroid screen. :)>-
on the devices AirDroid screen. :)>-
Ah yes, the settings menu on the phone AirDroid screen, not on the computer's one! Tried switching the HTTPS switch on, but unfortunately I'm told "HTTPS is not supported on Android 2.2".
Think it's pretty poor that AirDroid is happy to set up the connection without issuing a warning that it's going to be an insecure one. The default setting should be secure, it should only set up an insecure connection if specifically and knowingly requested by the user!
Lovely app, but I've lost faith (at least until I've got newer Android anyway)
Think it's pretty poor that AirDroid is happy to set up the connection without issuing a warning that it's going to be an insecure one. The default setting should be secure, it should only set up an insecure connection if specifically and knowingly requested by the user!
Lovely app, but I've lost faith (at least until I've got newer Android anyway)
I was curious about whether or not AirDroid 2.0 was encrypting traffic between my phone and PC, especially if it was going out over the net.
I ran a packet capture and it seems the data within the application protocol may be encrypted rather than it using an encrypted protocol for all communication between your PC and phone. However, I really can't be sure I had the correct filters on and so I'm not 100% confident it is being encrypted. I'm going to err on the side of caution.
I ran a packet capture and it seems the data within the application protocol may be encrypted rather than it using an encrypted protocol for all communication between your PC and phone. However, I really can't be sure I had the correct filters on and so I'm not 100% confident it is being encrypted. I'm going to err on the side of caution.
https://web.airdroid.com doesn't work, so forget security if you use their web service, there is none.
If it's just on your LAN, it should not matter.
If it's just on your LAN, it should not matter.
AirDroid is safe enough =D. It's a semi-risky business using a connection like that to remotely control your phone, I guess. If you're some sort of secret agent or carrier of ancient secrets I think it was a mistake having a smartphone to begin with, let alone apps. [/quote]
[/quote]cheers[/quote]
[/quote]cheers[/quote]
Https and encrypted packets are fine, but what really worries me is the "Sign in via Google, Facebook, Twitter" feature. Those services are already huge security risks. It's a worrying amount of data to entrust to a password or two and the security of a 3rd party server. If I'm signed into chrome, and someone gets access to my browser, they could also have full control of my phone and everything in it.
This is an amazing service, but I feel like an idiot for using it.
This is an amazing service, but I feel like an idiot for using it.