1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security Concern - TapaTalk

Discussion in 'Off Topic' started by Adam Howard, May 23, 2014.

  1. Adam Howard

    Adam Howard Well-Known Member

    I do not mean to post this twice, but I am well aware not everyone follows the add-on threads, religiously. Just as I am also aware not everyone visits TapaTalk's own support forums.

    And since they have personally decided to remain silent on this issue, I thought it best to make a small announcement (draw to attention) that there is/was a security concern in TapaTalk; it was patched, but TapaTalk has decided to NOT inform people to patch or update to resolve this flaw (no notice or update issued publicly). :eek:

    Source: https://support.tapatalk.com/threads/tapatalk-cross-site-scripting-vulnerability.24719/

    This security issue is directly with TapaTalk and not the XenForo development, but if you do have TapaTalk running, you should update accordingly (re-apply the same version, but using the newer files).
     

    Attached Files:

    Last edited: May 23, 2014
    slinky123, DRE, euantor and 3 others like this.
  2. DaveM

    DaveM Well-Known Member

    Yes we should all take note of this one (y) TapaTalk will never run on another one of our forums again ever :whistle:

    I wonder how long that thread will remain on their site before it is killed lol
     
  3. Adam Howard

    Adam Howard Well-Known Member

    The problem about TapaTalk is there are so many "newbies" or simply "tech unaware" that are dependent upon it.

    You would be surprised on how many people own an Android or iPhone and truly believe they need TapaTalk to browse forums. It reminds me so much of how back in the day people truly believed they needed, AOL to browse the internet. :rolleyes:
    I do not see why that would happen. XenForo has the good business practice of taking security concerns seriously and has always encouraged people point them out and address them :)

    edit: Oh, you mean over there.... That is why I took screenshots.
     
  4. DaveM

    DaveM Well-Known Member

    Adam Howard likes this.
  5. FredC

    FredC Well-Known Member

    This is why i removed Tapatalk last year.. Each and every update only proves more and more that they are crooks and only care about their bottom line. What has always bothered me is that they do it by either putting our own communities at risk or just steal from us but TT always gets theirs and usually leaves forum admin with a buggy POS software. How is TT needed? i have no idea but if you need TapaTalk you as a forum admin may want to rethink your campaign.
     
    Adam Howard and DaveM like this.
  6. Adam Howard

    Adam Howard Well-Known Member

    There is a bit of generation gap when it comes to mobile devices. The older generation has no problem using a browser, while the upcoming and younger generation is completely app dependent. They believe they need an app for just about everything and telling them you can use the mobile browser just does not compute or is ignored.

    So if you're fine with ages 30+, I guess you have nothing to be concerned about. But if you're looking to the future, the younger generation just does not conform.
     
    FredC and Shyuan like this.
  7. Shyuan

    Shyuan Well-Known Member

    I agree that younger generation is so app dependent, they didn't even know the forum actually exist on the internet! I wanted to get rid of Tapatalk but I just couldn't because more than half of my members surf using Tapatalk. I'm slowly taking away the function of Tapatalk, what I did at this stage is the registration should take place via browser rather than the app. This way, members will appreciate the beauty of my forum because they actually notice "oh, this is actually a website that is accessible via the browser". Otherwise, some think that Tapatalk is ours and kept asking questions about their issues with Tapatalk merely because everything they do is within the app (they never encountered the web version before). Now I have more members who go to the site instead of app, probably because of the registration process.
     
    slinky123 and FredC like this.
  8. DaveM

    DaveM Well-Known Member

    The other issue is they become ghost members on your forum and don't respond to any forum tweak you may have running. Communicating with them is also a huge issue as they tend to not see personal messages most of the time, miss tagged threads that need reading.
     
  9. Adam Howard

    Adam Howard Well-Known Member

    If you want to share how that is done, please do.

    I am unaware of any setting that would force this.
     
  10. FredC

    FredC Well-Known Member

    I will say that of all the things ive added and removed from my communities over the years removing TapaTalk was met with the most resistance by far.. I understand TT app developers are trying to make a buck but their approach to me is just to sneaky.. TT in no way shape or form is transparent or honest..
     
  11. Adam Howard

    Adam Howard Well-Known Member

    Never mind... found it....

    Options > Tapatalk - In App Registration - Options > Redirect to External Registration URL
     
    Shyuan likes this.
  12. Liam W

    Liam W Well-Known Member

    I'm disagreeing with this... Then again, I never did conform to stereotypes or social norms...

    As per the OT, I removed Tapatalk last year at some point... Never used it and don't see the point in it anymore.
     
    SneakyDave likes this.
  13. Adam Howard

    Adam Howard Well-Known Member

    Props to you for not keeping to the social norms of your generation.
     
  14. Liam W

    Liam W Well-Known Member

    I can't tell if that's a good thing, and/or if you're being sarcastic.
     
  15. Adam Howard

    Adam Howard Well-Known Member

    LOL

    [​IMG]

    You have no idea how funny it is for you to say that with your avatar (assuming you know your memes).

    I truly did mean it as a good thing. It's good to think outside the box and for yourself.
     
  16. Martok

    Martok Well-Known Member

    This isn't the first security issue with Tapatalk and it won't be the last. There were issues last year which I posted about elsewhere on these forums. I raised the security concern and other issues over on the Tapatalk forums only to have one thread locked and the other deleted. There was nothing rude or inappropriate in either, they just didn't want to deal with legitimate concerns.

    After that, I removed Tapatalk from my site. I told members it was due to security issues and advertising and although a few were unhappy, most understood. I've not looked back since and members can now see and use the various extras like Xenforo Media Gallery as well as basic functions such as font sizes and colours that Tapatalk couldn't support.

    So for me, I'll never go back to Tapatalk.
     
    SneakyDave and Adam Howard like this.
  17. Liam W

    Liam W Well-Known Member

    Social norms... I don't know my memes. :p

    Anyhow, like usual, I'm making a topic drift off-topic.
     
    Adam Howard likes this.
  18. Freddie Agricola

    Freddie Agricola Active Member

  19. Brogan

    Brogan XenForo Moderator Staff Member

    Never used it, never will use it.


    ------
    Sent from my PC using my fingers.
     
    Xon, fEaRz, Liam W and 6 others like this.
  20. Carlos

    Carlos Well-Known Member

    I use it because Tapatalk is popular in the niche I'm in. :unsure:
     
    Adam Howard likes this.

Share This Page