I believe anything typed in a 'secure' box (where you put in CC numbers and passwords) does not register with the keyboard. What you're typing doesn't show up in the predictive word spaces. The numbers/passwords are never saved into memory.
The system keyboard will slide in to replace the 3rd-party keyboard when the secure field Is selected and then slide out again when you're done.
All I want is a [B]numpad[/B] keyboard I can call up at any time. Why CC/phone number/any all (mostly) numeric fields don't invoke a numpad keyboard all the time (or at least as an option) is beyond me.
The new iOS8 keyboard displays the suggestions too slowly for it to be useful. I naturally didn't care about them. On Swiftkey for example they come up faster and I end up using them. Still a lot of time to make it better.
Flesky looks nice with the keyboard without buttons.
The new iOS8 keyboard displays the suggestions too slowly for it to be useful. I naturally didn't care about them. On Swiftkey for example they come up faster and I end up using them.
Still a lot of time to make it better.
Flesky looks nice with the keyboard without buttons.
SwiftKey has been at it for a few years. Their user base grew slowly, and had plenty of time to iron out any wrinkles. I'm sure Apple's keyboard will be much improved by the time iOS 8 is released to the public. The predictive feature takes time before it's really intuitive.
No it doesn't. If that's the case with iOS then what's everyone worried about?
That only shows Apple considering a major security issue, but it doesn't mean they have considered all of them or that a 3rd-party couldn't override that field By exploiting a bug. We've seen plenty of apps over the years that have made it to the App Store that shouldn't.
I also think [@]d4NjvRzf[/@] brings up a good point about security fields in the browser. Now 1Password is very intelligent with such fields and I assume that Apple is too with their newer iCloud passwords so perhaps Apple has incorporated that "awareness" into 3rd-party keyboards in browsers.
Regardless, security is something we have to always be conscious of. At this point I have to reason to not trust Apple to "work to" protect the user but mistakes can happen, especially with newer tech, and especially if it's still in beta so I think these inquiries are good to get a better sense of the imposed boundaries and capabilities.
All I want is a numpad keyboard I can call up at any time. Why CC/phone number/any all (mostly) numeric fields don't invoke a numpad keyboard all the time (or at least as an option) is beyond me.
It's up to the app developer to identify the type of field (text, url, email) .
If no field type is identified, keyboard defaults to standard text field.
No it doesn't. If that's the case with iOS then what's everyone worried about?
That only shows Apple considering a major security issue, but it doesn't mean they have considered all of them or that a 3rd-party couldn't override that field By exploiting a bug. We've seen plenty of apps over the years that have made it to the App Store that shouldn't.
I also think [@]d4NjvRzf[/@] brings up a good point about security fields in the browser. Now 1Password is very intelligent with such fields and I assume that Apple is too with their newer iCloud passwords so perhaps Apple has incorporated that "awareness" into 3rd-party keyboards in browsers.
Regardless, security is something we have to always be conscious of. At this point I have to reason to not trust Apple to "work to" protect the user but mistakes can happen, especially with newer tech, and especially if it's still in beta so I think these inquiries are good to get a better sense of the imposed boundaries and capabilities.
Imagine if we lived in a world in which no-one had to worry about security because everyone was good.
Plus, I don't think it was immature or irrational, it was just a more colourful version of "You can imagine it all you want, it isn't going to happen," which is the only sensible response to such imaginings.
Plus, I don't think it was immature or irrational, it was just a more colourful version of "You can imagine it all you want, it isn't going to happen," which is the only sensible response to such imaginings.
If you think that that is the only sensible response, then you lack imagination.
Do you know Android is the least secure, or are you going by numerous reports you've read? I can definitely say Windows XP was a malware magnet because I had tons of malware instances, but I shop almost daily on my Android phone using SwiftKey and not once has any of my accounts been compromised. Any claim of malicious purposes by 3rd party keyboard devs is pure FUD.
First, where has anyone "claimed malicious purpose" by 3rd party developers? That is so beside the point, seriously...
Second, your reply is akin to saying, in response to giving "sneak and peek" powers to the FBI, "I have nothing to hide, so I have nothing to fear from that..." What you're essentially saying is, "as long as none of my shopping accounts have been compromised, I could care less if Swiftkey employees can read everything I've ever written using their software......."? And, how do you KNOW none of your accounts have been compromised? Because no-one has stolen anything from them (yet)? Psh....
Anyway, you clearly missed my point. Which was, "I'm not interested in handing "power" to an anonymous developer to track, broadcast or store everything I type." It was NOT "I suspect any and all third party developers of malfeasance", and NOT "Apple is the only honest company on the planet". Get it?
With the wording of Apple's disclaimer warning popup, it says to me that whether or not the developing company is benevolent, you are still for all intents and purposes installing a KEYLOGGER onto your phone which can (and probably does) send everything you type to a third party..... why would you do that?? Without knowing first exactly how, why, to WHOM exactly, and to what purpose?
That was my point, and you completely skipped it......... yeah, well, go on shopping and feeling safe. I'll wait for answers to those simple questions first before I ever use one of those apps...
First, where has anyone "claimed malicious purpose" by 3rd party developers? That is so beside the point, seriously...
Second, your reply is akin to saying, in response to giving "sneak and peek" powers to the FBI, "I have nothing to hide, so I have nothing to fear from that..." What you're essentially saying is, "as long as none of my shopping accounts have been compromised, I could care less if Swiftkey employees can read everything I've ever written using their software......."? And, how do you KNOW none of your accounts have been compromised? Because no-one has stolen anything from them (yet)? Psh....
<span style="line-height:1.4em;">Anyway, you clearly missed my point. Which was, "I'm not interested in handing "power" to an anonymous developer to </span>
track, broadcast or store everything I type." It was NOT "I suspect any and all third party developers of malfeasance", and NOT "Apple is the only honest company on the planet". Get it?
With the wording of Apple's disclaimer warning popup, it says to me that whether or not the developing company is benevolent, you are still for all intents and purposes installing a KEYLOGGER onto your phone which can (and probably does) send everything you type to a third party..... why would you do that?? Without knowing first exactly how, why, to WHOM exactly, and to what purpose?
That was my point, and you completely skipped it......... yeah, well, go on shopping and feeling safe. I'll wait for answers to those simple questions first before I ever use one of those apps...
The keyboard is the single most used 'app' on a smartphone. Glitches and bugs will be found by the multitudes instead of the few. Devs need feedback in order to continually improve their product. You don't know for certain that they're keylogging. Network connectivity is needed for diagnostic reasons, language packs, themes/skins, emoji packs, etc, etc...
Plus, I don't think it was immature or irrational, it was just a more colourful version of "You can imagine it all you want, it isn't going to happen," which is the only sensible response to such imaginings.
So, prior to what Edward Snowden revealed, were you of a mind to also speak thus to the "conspiracy minded" folk pointing at US (and other) intelligence services as behaving like "big brother"?
I was told by a large number of people that I was a "conspiracy theory nut" for saying I thought that agencies like the NSA were way over the line (remember the AT&T "data scooping" scandal at a facility in SF, revealed during the Bush years?)..... that was years before the Snowden revelations... yet people then said there was nothing to it, "mass surveillance...? you can imagine it all you want", they said, "it isn't going to happen..." Yeah, right?
How do you know "it isn't going to happen", and what exactly "isn't going to happen"? Sure, there are plenty of benevolent, sensible reasons to have "tracking" capabilities in a keyboard. The other guy I'm dialoguing with laid out a very respectable list. SO, who is guaranteeing that the uses will be limited to those sensible, respectable, benevolent purposes? Do you have a EULA that spells out exactly how YOUR data will be used (and more importantly NOT used)? I'm guessing you don't...
So again, without the slightest bit of paranoia involved: What I want to know (not guess at) is exactly how that data is being collected, stored, processed and used, and exactly why. Who has access to it? How secure is it?
To NOT ask these questions is to be purely complacent rather than "sensible". Seriously.
You prefer to assume that the anonymous developer you don't even know the name or location of is going to take real good care of your correspondence data? How do you determine which developers are "ok" and which are less trustworthy? IS it a case of "I have nothing to hide so I don't care if anyone reads it"? Well, even my most trivial, pointless missives are MINE and/or private, and I prefer to keep them that way, if at all possible.
I have learned to consider the worst case first. So until the developers clearly state what they do and don't do with the data, how it's collected, processed and stored, and who can see it and WHY, then I'm not handing it to them as if it doesn't matter... it does, and I'm shocked that you or anyone else like you can't see that it does.
The keyboard is the single most used 'app' on a smartphone. Glitches and bugs will be found by the multitudes instead of the few. Devs need feedback in order to continually improve their product. You don't know for certain that they're keylogging. Network connectivity is needed for diagnostic reasons, language packs, themes/skins, emoji packs, etc, etc...
Sure, those are all such sensible and benevolent sounding reasons, and if they are clearly spelled out by the developers that those are the ONLY reasons they collect the data, that those are the ONLY ways that collected data will be used, that ALL (your) personally typed data will be kept safe, secure, inaccessible by third parties, and only used for those anonymous non-invasive reasons, *guaranteed*.... then we're on the right track. I might consider it, but very much depending on the answers to those questions...
You're right. I don't know (yet) for sure they are key logging. You don't know that they AREN'T. I'm not complaining about any apps having "network connectivity", that's a totally different topic. And honestly? "Full access allows the developer to transmit anything you type...." is really REALLY different than simply allowing an app to have network access.... ya think? That is NOT the concern being discussed at all!
But here it is, spelled out clear as day, and completely lacking in developer qualifiers (let me ask you, which 3rd party keyboard developer has spelled out their privacy manifesto, answering to all those concerns I have?). This is how it IS... no paranoia required:
"Full access allows the developer to transmit anything you type, including things you have previously typed with this keyboard. This could include sensitive information such as your credit card number or street address."
Anything. Anything. Including sensitive personal information. And you feel just fine about that, even when they have NOT implicitly and directly addressed to YOU how they will transmit it, use it, store it, or exactly why? You don't really know, do you. You just.... trust....
Well, you've been warned. Once more for good measure:
"Full access allows the developer to transmit anything you type, including things you have previously typed with this keyboard. This could include sensitive information such as your credit card number or street address."
That's all I need to know to "just say no" until the developers fill in the necessary security details. Their answers will remove or confirm my concerns. That's way too invasive to ignore, or to simply call "paranoid" when someone says, "hey, that seems a bit invasive.." I mean, wow. Are you really that blind, ignorant or just plain complacent?
No wonder privacy is headed south.... people apparently don't value it as much anymore...
Comments
Certainly looks interesting. I'm very curious to try third party keyboards in a real world scenario though.
iMessage (as shown n the video) is not a real world scenario?
Or you mean you are curious to try it any way at all?
The system keyboard will slide in to replace the 3rd-party keyboard when the secure field Is selected and then slide out again when you're done.
Does Android do that?
The system keyboard will slide in to replace the 3rd-party keyboard when the secure field Is selected and then slide out again when you're done.
Does Android do that?
From the docs it appears that the system will override third-party keyboards when a text field with the secureTextEntry flag set (https://developer.apple.com/library/prerelease/ios/documentation/General/Conceptual/ExtensibilityPG/Keyboard.html). Does this behavior also apply to password fields in the browser, which are defined by html instead of cocoa objects?
No it doesn't. If that's the case with iOS then what's everyone worried about?
Still a lot of time to make it better.
Flesky looks nice with the keyboard without buttons.
SwiftKey has been at it for a few years. Their user base grew slowly, and had plenty of time to iron out any wrinkles. I'm sure Apple's keyboard will be much improved by the time iOS 8 is released to the public. The predictive feature takes time before it's really intuitive.
That only shows Apple considering a major security issue, but it doesn't mean they have considered all of them or that a 3rd-party couldn't override that field By exploiting a bug. We've seen plenty of apps over the years that have made it to the App Store that shouldn't.
I also think [@]d4NjvRzf[/@] brings up a good point about security fields in the browser. Now 1Password is very intelligent with such fields and I assume that Apple is too with their newer iCloud passwords so perhaps Apple has incorporated that "awareness" into 3rd-party keyboards in browsers.
Regardless, security is something we have to always be conscious of. At this point I have to reason to not trust Apple to "work to" protect the user but mistakes can happen, especially with newer tech, and especially if it's still in beta so I think these inquiries are good to get a better sense of the imposed boundaries and capabilities.
All I want is a numpad keyboard I can call up at any time. Why CC/phone number/any all (mostly) numeric fields don't invoke a numpad keyboard all the time (or at least as an option) is beyond me.
It's up to the app developer to identify the type of field (text, url, email) .
If no field type is identified, keyboard defaults to standard text field.
Imagine if we lived in a world in which no-one had to worry about security because everyone was good.
Why can't you try to engage in a mature and rational manner?
Clearly I can, and I do all the time.
Plus, I don't think it was immature or irrational, it was just a more colourful version of "You can imagine it all you want, it isn't going to happen," which is the only sensible response to such imaginings.
Clearly I can, and I do all the time.
Plus, I don't think it was immature or irrational, it was just a more colourful version of "You can imagine it all you want, it isn't going to happen," which is the only sensible response to such imaginings.
If you think that that is the only sensible response, then you lack imagination.
Do you know Android is the least secure, or are you going by numerous reports you've read? I can definitely say Windows XP was a malware magnet because I had tons of malware instances, but I shop almost daily on my Android phone using SwiftKey and not once has any of my accounts been compromised. Any claim of malicious purposes by 3rd party keyboard devs is pure FUD.
First, where has anyone "claimed malicious purpose" by 3rd party developers? That is so beside the point, seriously...
Second, your reply is akin to saying, in response to giving "sneak and peek" powers to the FBI, "I have nothing to hide, so I have nothing to fear from that..." What you're essentially saying is, "as long as none of my shopping accounts have been compromised, I could care less if Swiftkey employees can read everything I've ever written using their software......."? And, how do you KNOW none of your accounts have been compromised? Because no-one has stolen anything from them (yet)? Psh....
Anyway, you clearly missed my point. Which was, "I'm not interested in handing "power" to an anonymous developer to track, broadcast or store everything I type." It was NOT "I suspect any and all third party developers of malfeasance", and NOT "Apple is the only honest company on the planet". Get it?
With the wording of Apple's disclaimer warning popup, it says to me that whether or not the developing company is benevolent, you are still for all intents and purposes installing a KEYLOGGER onto your phone which can (and probably does) send everything you type to a third party..... why would you do that?? Without knowing first exactly how, why, to WHOM exactly, and to what purpose?
That was my point, and you completely skipped it......... yeah, well, go on shopping and feeling safe. I'll wait for answers to those simple questions first before I ever use one of those apps...
The keyboard is the single most used 'app' on a smartphone. Glitches and bugs will be found by the multitudes instead of the few. Devs need feedback in order to continually improve their product. You don't know for certain that they're keylogging. Network connectivity is needed for diagnostic reasons, language packs, themes/skins, emoji packs, etc, etc...
What are you talking about? Everyone is good; at least whilst they sleep
Clearly I can, and I do all the time.
Plus, I don't think it was immature or irrational, it was just a more colourful version of "You can imagine it all you want, it isn't going to happen," which is the only sensible response to such imaginings.
So, prior to what Edward Snowden revealed, were you of a mind to also speak thus to the "conspiracy minded" folk pointing at US (and other) intelligence services as behaving like "big brother"?
I was told by a large number of people that I was a "conspiracy theory nut" for saying I thought that agencies like the NSA were way over the line (remember the AT&T "data scooping" scandal at a facility in SF, revealed during the Bush years?)..... that was years before the Snowden revelations... yet people then said there was nothing to it, "mass surveillance...? you can imagine it all you want", they said, "it isn't going to happen..." Yeah, right?
How do you know "it isn't going to happen", and what exactly "isn't going to happen"? Sure, there are plenty of benevolent, sensible reasons to have "tracking" capabilities in a keyboard. The other guy I'm dialoguing with laid out a very respectable list. SO, who is guaranteeing that the uses will be limited to those sensible, respectable, benevolent purposes? Do you have a EULA that spells out exactly how YOUR data will be used (and more importantly NOT used)? I'm guessing you don't...
So again, without the slightest bit of paranoia involved: What I want to know (not guess at) is exactly how that data is being collected, stored, processed and used, and exactly why. Who has access to it? How secure is it?
To NOT ask these questions is to be purely complacent rather than "sensible". Seriously.
You prefer to assume that the anonymous developer you don't even know the name or location of is going to take real good care of your correspondence data? How do you determine which developers are "ok" and which are less trustworthy? IS it a case of "I have nothing to hide so I don't care if anyone reads it"? Well, even my most trivial, pointless missives are MINE and/or private, and I prefer to keep them that way, if at all possible.
I have learned to consider the worst case first. So until the developers clearly state what they do and don't do with the data, how it's collected, processed and stored, and who can see it and WHY, then I'm not handing it to them as if it doesn't matter... it does, and I'm shocked that you or anyone else like you can't see that it does.
The keyboard is the single most used 'app' on a smartphone. Glitches and bugs will be found by the multitudes instead of the few. Devs need feedback in order to continually improve their product. You don't know for certain that they're keylogging. Network connectivity is needed for diagnostic reasons, language packs, themes/skins, emoji packs, etc, etc...
Sure, those are all such sensible and benevolent sounding reasons, and if they are clearly spelled out by the developers that those are the ONLY reasons they collect the data, that those are the ONLY ways that collected data will be used, that ALL (your) personally typed data will be kept safe, secure, inaccessible by third parties, and only used for those anonymous non-invasive reasons, *guaranteed*.... then we're on the right track. I might consider it, but very much depending on the answers to those questions...
You're right. I don't know (yet) for sure they are key logging. You don't know that they AREN'T. I'm not complaining about any apps having "network connectivity", that's a totally different topic. And honestly? "Full access allows the developer to transmit anything you type...." is really REALLY different than simply allowing an app to have network access.... ya think? That is NOT the concern being discussed at all!
But here it is, spelled out clear as day, and completely lacking in developer qualifiers (let me ask you, which 3rd party keyboard developer has spelled out their privacy manifesto, answering to all those concerns I have?). This is how it IS... no paranoia required:
"Full access allows the developer to transmit anything you type, including things you have previously typed with this keyboard. This could include sensitive information such as your credit card number or street address."
Anything. Anything. Including sensitive personal information. And you feel just fine about that, even when they have NOT implicitly and directly addressed to YOU how they will transmit it, use it, store it, or exactly why? You don't really know, do you. You just.... trust....
Well, you've been warned. Once more for good measure:
"Full access allows the developer to transmit anything you type, including things you have previously typed with this keyboard. This could include sensitive information such as your credit card number or street address."
That's all I need to know to "just say no" until the developers fill in the necessary security details. Their answers will remove or confirm my concerns. That's way too invasive to ignore, or to simply call "paranoid" when someone says, "hey, that seems a bit invasive.." I mean, wow. Are you really that blind, ignorant or just plain complacent?
No wonder privacy is headed south.... people apparently don't value it as much anymore...