@tapatalk the way TT is integrated shifts an immense amount of risk onto the forum. You go directly to the database instead of tailoring to each forum platform. It's not a small task to accomplish the proper integration. That said, this means Tapatalk itself is the "wide open back door".
Simply put, if a forum is running TT, the hacker doesn't need to exploit a hole in the forum. They just need to exploit TT for that platform and they get access to the forum automatically. There are very few, if any, add-ons that come close to circumventing the forum's regular functions like Tapatalk does.
Hi,
There is not a single "direct" SQL call to the database from the plugin code at all. There is no hand-crafted SQL in our code, except for 4 SQL calls to a table we created and manage for the Push Notifications service. There is no "circumventing", as everything is based on either the forum system API or the DB wrapper classes.
The rule of thumb is that if the forum system provides API / function calls that can achieve the same result, we most certainly use them, as they are much easier for us to maintain (e.g. the code won't break when the forum system upgrades). If there is no direct API / function available, our second choice is to use the DB wrapper class provided by the forum system. In the case of xenForo (since this forum is obviously talking about xF), it actually does a fairly decent job of providing the necessary plumbing for what the app needs to do, and in most cases the app only needs a subset of the features of the web version. For example, our code does not touch the AdminCP API at all, as a security precaution.
As you said, this is not a small task to accomplish, but that doesn't mean it cannot be accomplished, or that it automatically means a "wide open back door". We have accomplished this, and accomplished it on multiple forum systems, with dedicated engineers doing just one thing, which is to make the plugin as secure as possible.
I understand there are perceptions about code quality and integration, as there are high expectations when installing a comprehensive add-on like this. And as you have mentioned, it is no small task. And the journey was rocky when forum owners and end users were demanding many things at the same time. But I personally believe it is the best effort any third-party developer can do. And I would admire any developer who can read every line of our code and tell us what else we can do better. We strive to do better and make it as secure as, if not more secure than, the forum system itself (hey, we reported a couple of XSS issues to a couple of forum systems when we were building the plugins). Last week, we reported a couple of PHP7-related issues to vBulletin engineers as part of our automated tests.
In some cases, we work directly with the forum system creator and their engineers. For example, we work directly with a Woltlab Burning Board (the biggest forum system in Germany) engineer to improve the plugin, and we work with the XDA (arguably the busiest vBulletin forum on the internet) system admin to identify issues and improve performance.
In 95% of cases, TT should not need more access to data than the visiting user, with limited exceptions -- if that's followed, 95% of possible TT exploits go poof.
Yes, that's correct. It does not need more access than the visiting user, and that is what we are doing today.
I sincerely ask you to consider taking back your statement that Tapatalk is a "wide open back door". There are many more customers who are using the Tapatalk API to build their own apps, their own widgets, etc., and it is important for us to defend against this accusation.
Sorry for the long post, guys. I just feel it is important to clarify what we do and how we do it. I myself am also a software engineer, and I feel it is very important to communicate this on behalf of the plugin team, as they work around the clock to make forums great again on mobile (the app). We love what we are doing and we are just fortunate to be able to work on this project.
Thanks!
- Winter
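The two design points argued over in this thread (a plugin that hand-crafts SQL against the forum database versus one that goes through the forum's permission checks and DB wrapper, and the "no more access than the visiting user" rule) are easy to see side by side in code. The block below is an added example written for this page; it is not Tapatalk's, xenForo's or vBulletin's code. The `Visitor` and `ForumDb` classes are hypothetical stand-ins for a forum system's permission model and DB wrapper, the schema and rows are constructed, and it runs stand-alone on PHP 8.1+ with the bundled pdo_sqlite driver.

```php
<?php
// Added example, not code from Tapatalk or any forum system. Models the
// thread's point: a mobile-API plugin should read data the way the forum
// itself does, so it never sees more than the visiting user. Uses an
// in-memory SQLite database through PDO so it runs offline.
declare(strict_types=1);

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Constructed schema and sample rows: two forums, one of them staff-only.
$pdo->exec('CREATE TABLE forum (forum_id INTEGER PRIMARY KEY, title TEXT, staff_only INTEGER)');
$pdo->exec('CREATE TABLE thread (thread_id INTEGER PRIMARY KEY, forum_id INTEGER, title TEXT)');
$pdo->exec("INSERT INTO forum VALUES (1, 'General', 0), (2, 'Staff lounge', 1)");
$pdo->exec("INSERT INTO thread VALUES (10, 1, 'Welcome'), (11, 2, 'Moderation notes'), (12, 1, 'Rules')");

// Hypothetical stand-in for the forum's own permission model.
final class Visitor
{
    public function __construct(public readonly bool $isStaff) {}

    public function canViewForum(int $forumId, PDO $pdo): bool
    {
        $stmt = $pdo->prepare('SELECT staff_only FROM forum WHERE forum_id = :id');
        $stmt->execute([':id' => $forumId]);
        $staffOnly = $stmt->fetchColumn();
        // Unknown forum: deny. Staff-only forum: only staff may view it.
        return $staffOnly !== false && ((int) $staffOnly === 0 || $this->isStaff);
    }
}

// Hypothetical stand-in for the forum system's DB wrapper: the plugin hands
// over SQL with placeholders and never splices request data into the query.
final class ForumDb
{
    public function __construct(private PDO $pdo) {}

    public function fetchAll(string $sql, array $params): array
    {
        $stmt = $this->pdo->prepare($sql);
        $stmt->execute($params);
        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    }
}

// (1) The "back door" pattern the first post warns about: raw SQL built from
// request input with no permission filter. Every caller can read every forum,
// and the untrusted $forumIdFromRequest is interpolated straight into the SQL.
function threadsBackDoor(PDO $pdo, string $forumIdFromRequest): array
{
    $sql = "SELECT thread_id, title FROM thread WHERE forum_id = $forumIdFromRequest";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// (2) The pattern Winter describes: validate the input, run the forum's own
// permission check for the visiting user, then read through the forum's DB
// wrapper with a bound parameter. The plugin gets exactly what the same user
// would get from the web UI, and nothing else.
function threadsForVisitor(Visitor $visitor, ForumDb $db, PDO $pdo, string $forumIdFromRequest): array
{
    $forumId = filter_var($forumIdFromRequest, FILTER_VALIDATE_INT);
    if ($forumId === false || !$visitor->canViewForum($forumId, $pdo)) {
        return []; // same empty answer the forum gives an unauthorised web request
    }
    return $db->fetchAll(
        'SELECT thread_id, title FROM thread WHERE forum_id = :fid',
        [':fid' => $forumId]
    );
}

$guest = new Visitor(isStaff: false);
$db = new ForumDb($pdo);

// A guest asking for the staff-only forum: the raw query hands over the
// staff thread, the permission-aware path returns nothing.
print_r(threadsBackDoor($pdo, '2'));
print_r(threadsForVisitor($guest, $db, $pdo, '2'));

// A guest sending a crafted id: the raw query's WHERE clause is rewritten
// by the input and returns every thread; the validated path rejects it.
print_r(threadsBackDoor($pdo, '1 OR 1=1'));
print_r(threadsForVisitor($guest, $db, $pdo, '1 OR 1=1'));
```

The second function is the whole of the "no more access than the visiting user" rule in practice: the plugin's request handler reuses the forum's permission check and data layer rather than reimplementing either, so a flaw in the forum's own checks is the only way it can over-read, and it adds no SQL surface of its own. A real integration would call the forum system's actual permission and repository classes instead of these hypothetical stand-ins, but the shape is the same.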