Hacker News new | past | comments | ask | show | jobs | submit login

"Robin has the cloud integrated right into Android OS" - Oh my gawd!

I instantly stopped caring once I read this poetic marketing spiel.




Wow... they really shrank the size of a data center!

Of course I know what this actually means: your phone is now an even dumber dumb terminal for accessing the cloud.

I personally gave up when I saw no references at all to encryption, security, or privacy. I assume this thing promiscuously mirrors everything unencrypted (at rest) to someone else's server, or if data is encrypted at rest it's done with someone else's key (server-side "encryption"). That's not only a privacy nightmare but also a security nightmare. What happens if I store a valuable credential, card number, etc. on my phone? Barrels of fun.

For example someone with access to this data could:

find /path-to-cache | grep id_rsa ...

... then see how many machines on the Internet they can ssh into using Android SSH client certificates. Blamo, instant botnet.


There's a "Intelligently secure" blurb at the bottom of the page, but it's incredibly unhelpful, since the most you'll get out of it is that it has TouchID and:

> It is securely transmitted and stored encrypted on our servers. And we provide two factor authentication with Google.

which could mean any number of things.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: