Hangish is identified as iOS device with full access in google security checkup #28
Comments
|
Unfortunately a better approach is not known at this time, you may want to read this: tdryer/hangups#123 |
|
I don't agree with closing this issue. Actually it contains complain about 2 bugs:
Ok, you've mentioned that there is known solution for (2). But what about (1)? The first time I've noticed this record in my security checkup I've thought "WTF? I don't have any iOS device! This does not belong here! Was I hacked?" and deleted this record. |
|
Sailfish and YTPlayer have their own icon and label because they use APIs that Google publicly offer to developers, so they have created developer keys for their own projects; unfortunately, there is nothing alike for hangouts. In the link I pasted, you can read that simon-weber managed to get the endpoints for the hangouts scopes, that is the what I would need to make hangish appear as hangish, and with the appropriate permissions, in the Google account information page, but he also found that these endpoints are whitelisted for Google apps only. So, the 2 bugs you refer to are closely related: I guess that solving one would mean solving the other. But I agree with you on that it is a bit awkward to have an IOS device listed there; I may add a notice popup in hangish when the login is performed. |
Check https://security.google.com/settings/security/permissions
Record that is corresponding to hangish says that it is iOS device with full access to account. This completely unexpected and most queerly. At least hangish should not request full access and confine itself to access to google talk.
The text was updated successfully, but these errors were encountered: