Please feel free to suggest applications that you would like me and my friends to test for security in the comments field and or suggest improvements to my website or practice as a whole. We try to avoid doing banking applications and big names like “Google”, “Apple” and “Amazon”. Applications that deal with rewards programs are good ones to suggest.
If anyone has any security related questions please feel free to ask them and I will do my best to get back to you in a timely manner.
Please do not spam or use this for anything other than suggestions and questions.
Also, ignore the “Website” field when submitting suggestions.
Thank you for your suggestions!
EXAMPLE: You guys should do the DTE Energy mobile app because I think it is vulnerable!
I have always wondered how safe it is to use Apple Pay, Google wallet or saving passwords on private computers. This morning, for the first time, I considered using the Norton feature that saves all my passwords to make logging in easier. I generally use the same password for everything, but now random sites require you change your password occasionally and the password criteria is changing too. I know there are various products that offer this “password vault” feature and I want to know if you think it’s safe to use? Oh, and I also wondered if you’ve ever tried to hack Mint software? I didn’t know if you avoid hacking actual bank websites, or any sites related to banking. I don’t expect you to answer all these questions, but I thought they could be good topics for your website.
As far as Apple Pay and Google wallet those companies are usually EXTREMELY secure when it comes to dealing with their customers money. We have looked at some of the Google, Apple, and Amazon products and they all have excellent top of the line security with bug bounty programs that pay people to find issues similar to what I do.
As for the Norton password managing software I have not heard anything bad about it security wise. Symantec is the company who owns them and they are pretty well respected in the security industry. I personally do not like using password vaults that store passwords on the companies server because I do not know what they are doing with that information (I am a little paranoid when it comes to my passwords). I personally use products like Keepass that stores your passwords locally on your device. Then I encrypt my devices so that people can not access those files by stealing my hard drive.
We try to stay away from banking applications as much as possible just because they tend to have a more aggressive attitude toward what we do and we don’t want any law suites against us…. haha, that being said we still do play around with some new applications and I have looked at my personal banking application. Banks tend to throw a lot of money at their applications and tools because their is so much pressure to protect their customers money and information. At OST we have tested several applications and have not found any major issues with the applications we have found yet.
Excellent post. I was checking constantly this blog and I’m impressed! Extremely helpful information specifically the last part 🙂 I care for such information much. I was looking for this certain info for a long time. Thank you and best of luck.