UPDATE: @arirubinstein found an undocumented way Pokemon Go access rights could be used to get full account accesshttps://gist.github.com/arirubinstein/fd5453537436a8757266f908c3e41538 …
So a malicious app can just choose to do it the "wrong" way and stay under the radar?
-
-
Correct. After all, if they use a WebView, you are typing your username and password in the app.
-
But wait,even with the updated app I'm prompted for my user/pass, unlike Android. Limitation in iOS?
- 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.