1. Download our Official Android App: Forums for Android!

Connectbot safe for high level remote admin tasks

Discussion in 'Android Apps & Games' started by Lotarogg, Oct 8, 2010.

  1. Lotarogg

    Lotarogg Lurker
    Thread Starter
    Rank:
    None
    Points:
    5
    Posts:
    2
    Joined:
    Oct 8, 2010

    Oct 8, 2010
    2
    0
    5
    ok, be gentle with me I'm not a developer but a network engineer wanting to use Connectbot on my HTC Desire to remote admin some of our servers. I'm concerned about other apps on the device capturing root passwords - is this possible, can I look at the apps installed to determine whether or not they can do this, is this the right place for this question?

    Cheers
     

    Advertisement

  2. fangorious

    fangorious Guest
    Rank:
    None
    Posts:
    0
    Joined:

    From 'Settings -> Applications -> Show Permissions' you can see what applications have access to various parts of the OS. Although I think you would need to focus your concern more towards ConnectBot itself harvesting passwords rather than other apps harvesting them from ConnectBot. I don't recall hearing anything about ConnectBot in the recent discussions of the article from group that made the TaintDroid security analysis tool.
     
    Lotarogg likes this.
  3. kruton

    kruton Lurker
    Rank:
    None
    Points:
    6
    Posts:
    1
    Joined:
    Oct 9, 2010

    ConnectBot doesn't harvest passwords. (Full disclosure: I wrote ConnectBot) However, you don't have to trust me since you can read the source code at connectbot - Project Hosting on Google Code and build your own copy if you're really paranoid.

    If you're worried about key loggers, make sure you trust your IME. That's the only thing that could log your key input barring any ridiculous mistakes like some IME logging all key input to logcat or dmesg.
     
    Lotarogg likes this.
  4. Lotarogg

    Lotarogg Lurker
    Thread Starter
    Rank:
    None
    Points:
    5
    Posts:
    2
    Joined:
    Oct 8, 2010

    Oct 8, 2010
    2
    0
    5
    I've gone through the apps and none say that they read and disseminate your passwords, so that's good :) From what you're both telling me only the IME itself and ConnectBot could log/steal the passwords in this instance so I'm feeling far more comfortable about using it.

    Thanks
     

Share This Page

Loading...