<article>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#article10_01_10_2036222</id>
	<title>Malicious App In Android Market</title>
	<author>kdawson</author>
	<datestamp>1263119940000</datestamp>
	<htmltext>dumbnose writes to let us know that a <a href="http://www.firsttechcu.com/home/security/fraud/security\_fraud.html">fraudulent app that attempts to steal bank information</a> has made it to the Android app store. From the alert: <i>"NOTICE: Users of mobile devices with Android software may have noticed several applications available for download in the Android Marketplace. If you see any applications provided by the user Droid09, please do not download these applications. Android applications provided by Droid09 are fraudulent. Please remove any applications by Droid09 from your mobile device and contact your mobile provider to evaluate whether any other applications or information stored on your mobile device have been compromised."</i> Multiple marketplaces are possible in the open Android ecosystem. Might we see the emergence of a marketplace distinguished by an iPhone-like app vetting process?</htmltext>
<tokenext>dumbnose writes to let us know that a fraudulent app that attempts to steal bank information has made it to the Android app store .
From the alert : " NOTICE : Users of mobile devices with Android software may have noticed several applications available for download in the Android Marketplace .
If you see any applications provided by the user Droid09 , please do not download these applications .
Android applications provided by Droid09 are fraudulent .
Please remove any applications by Droid09 from your mobile device and contact your mobile provider to evaluate whether any other applications or information stored on your mobile device have been compromised .
" Multiple marketplaces are possible in the open Android ecosystem .
Might we see the emergence of a marketplace distinguished by an iPhone-like app vetting process ?</tokentext>
<sentencetext>dumbnose writes to let us know that a fraudulent app that attempts to steal bank information has made it to the Android app store.
From the alert: "NOTICE: Users of mobile devices with Android software may have noticed several applications available for download in the Android Marketplace.
If you see any applications provided by the user Droid09, please do not download these applications.
Android applications provided by Droid09 are fraudulent.
Please remove any applications by Droid09 from your mobile device and contact your mobile provider to evaluate whether any other applications or information stored on your mobile device have been compromised.
" Multiple marketplaces are possible in the open Android ecosystem.
Might we see the emergence of a marketplace distinguished by an iPhone-like app vetting process?</sentencetext>
</article>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718204</id>
	<title>Re:Use an Outbound Firewall</title>
	<author>Anonymous</author>
	<datestamp>1263126060000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>I wish this functionality was built into the OS, rather than having to do it manually (for example, a way to disallow internet access during installation) -- but at least it's doable on Android. I don't think any other phone platforms give this level of permission separation or control. I'm not so sure that app review would really fix the overall problem; it might catch the obviously-malicious phishing apps like in this story, but I bet that the app auditors' opinion on what is a privacy violation differs greatly from my own.</p></div><p>To be fair, as a developer I would much prefer the all or naught policy that Android enforces - the user basically has to check out the app, see if what it wants to access corresponds to what it's supposed to do, and if not, don't install the application. You're only asking for trouble and bogus bug reports when you let the users deny access to core functionality at their own whim, and if that was the case, the developers would ideally have to spend much more time on graceful degradation in case access to feature <i>x</i> is denied.</p><p>However, this brings up the problem of peer pressure (in lack of a better term) - what if the app in question has a really useful feature or it's otherwise important to you, yet it makes ridiculous claims in the list of built-in functionality access?</p><p>With smart, non-spontaneous users (i.e. non-users), that wouldn't be a problem because of market forces - the app requires access to data it's not supposed to need, so no one installs it, it doesn't gain popularity, and the developer has to lose the unnecessary privileges to release an app that instead gains popularity. However, that's clearly not what's going on in the Android app market as it is. Internet connectivity is in my experience the most common privilege requested when it's not needed. Often (I suspect) it's for apps that simply need to fetch advertisements to display, even though the base app functionality shouldn't require access to the Internet.</p><p>Oh well. I have nothing to hide, so it's not my problem, is it?</p></div>
	</htmltext>
<tokenext>I wish this functionality was built into the OS , rather than having to do it manually ( for example , a way to disallow internet access during installation ) -- but at least it 's doable on Android .
I do n't think any other phone platforms give this level of permission separation or control .
I 'm not so sure that app review would really fix the overall problem ; it might catch the obviously-malicious phishing apps like in this story , but I bet that the app auditors ' opinion on what is a privacy violation differs greatly from my own.To be fair , as a developer I would much prefer the all or naught policy that Android enforces - the user basically has to check out the app , see if what it wants to access corresponds to what it 's supposed to do , and if not , do n't install the application .
You 're only asking for trouble and bogus bug reports when you let the users deny access to core functionality at their own whim , and if that was the case , the developers would ideally have to spend much more time on graceful degradation in case access to feature x is denied.However , this brings up the problem of peer pressure ( in lack of a better term ) - what if the app in question has a really useful feature or it 's otherwise important to you , yet it makes ridiculous claims in the list of built-in functionality access ? With smart , non-spontaneous users ( i.e .
non-users ) , that would n't be a problem because of market forces - the app requires access to data it 's not supposed to need , so no one installs it , it does n't gain popularity , and the developer has to lose the unnecessary privileges to release an app that instead gains popularity .
However , that 's clearly not what 's going on in the Android app market as it is .
Internet connectivity is in my experience the most common privilege requested when it 's not needed .
Often ( I suspect ) it 's for apps that simply need to fetch advertisements to display , even though the base app functionality should n't require access to the Internet.Oh well .
I have nothing to hide , so it 's not my problem , is it ?</tokentext>
<sentencetext>I wish this functionality was built into the OS, rather than having to do it manually (for example, a way to disallow internet access during installation) -- but at least it's doable on Android.
I don't think any other phone platforms give this level of permission separation or control.
I'm not so sure that app review would really fix the overall problem; it might catch the obviously-malicious phishing apps like in this story, but I bet that the app auditors' opinion on what is a privacy violation differs greatly from my own.To be fair, as a developer I would much prefer the all or naught policy that Android enforces - the user basically has to check out the app, see if what it wants to access corresponds to what it's supposed to do, and if not, don't install the application.
You're only asking for trouble and bogus bug reports when you let the users deny access to core functionality at their own whim, and if that was the case, the developers would ideally have to spend much more time on graceful degradation in case access to feature x is denied.However, this brings up the problem of peer pressure (in lack of a better term) - what if the app in question has a really useful feature or it's otherwise important to you, yet it makes ridiculous claims in the list of built-in functionality access?With smart, non-spontaneous users (i.e.
non-users), that wouldn't be a problem because of market forces - the app requires access to data it's not supposed to need, so no one installs it, it doesn't gain popularity, and the developer has to lose the unnecessary privileges to release an app that instead gains popularity.
However, that's clearly not what's going on in the Android app market as it is.
Internet connectivity is in my experience the most common privilege requested when it's not needed.
Often (I suspect) it's for apps that simply need to fetch advertisements to display, even though the base app functionality shouldn't require access to the Internet.Oh well.
I have nothing to hide, so it's not my problem, is it?
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720264</id>
	<title>Safe</title>
	<author>Anonymous</author>
	<datestamp>1263149940000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I'm running Windows.</p></htmltext>
<tokenext>I 'm running Windows .</tokentext>
<sentencetext>I'm running Windows.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718150</id>
	<title>Re:Check for the signed label!</title>
	<author>Anonymous</author>
	<datestamp>1263125760000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext>However, there is balance. Look at Ubuntu's repositories, they rarely really "reject" any applications and everything in there is more or less malware free. I can see there being a market for trusted repositories in Android also.</htmltext>
<tokenext>However , there is balance .
Look at Ubuntu 's repositories , they rarely really " reject " any applications and everything in there is more or less malware free .
I can see there being a market for trusted repositories in Android also .</tokentext>
<sentencetext>However, there is balance.
Look at Ubuntu's repositories, they rarely really "reject" any applications and everything in there is more or less malware free.
I can see there being a market for trusted repositories in Android also.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717830</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719898</id>
	<title>Re:An iPhone-like process?</title>
	<author>\_Sprocket\_</author>
	<datestamp>1263144840000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>Google seems to be taking a "we'll do what we want and carriers can't stop us" attitude. Good luck with that.</p></div><p>That's what fascinates me about the Droid.  Google has gotten <a href="http://latimesblogs.latimes.com/technology/2009/10/thanks-to-google-and-motorolas-droid-verizon-opens-up.html" title="latimes.com">Verizon to let the cork off that genie</a> [latimes.com]:</p><p><div class="quote"><p>Verizon spokesman Ken Muche said the company has no plans to make its own app store for Android -- another platform that already has one, called Market. Good idea.</p><p>The Droid's App Store does have a Verizon tab, which contains a Visual Voicemail app.</p><p>But all of those little Verizon injections added up to potential revenue in the past.</p><p>A lack of Bluetooth transfers on some phones meant you might have to pay a fee to move contacts between devices. Controlling apps meant Verizon could potentially profit from selling software as an intermediary. Keeping GPS software off phones meant a monthly fee could be charged for navigation service.</p><p>So much for that.</p><p>"If you want total customization, you can go this route," Muche said. Of course, if you'd rather have big red buttons, there's a phone for that.</p><p>Granted, Verizon had been loosening up recently with its lineup of dull (but no red menus) smart phones. With this phone, Verizon seems to be sincerely facing facts and stepping back from the software game. And there's another Verizon Droid phone on the way? Has Verizon been taken over by robots?</p><p>Wait a minute. Is Google taking over the world?</p><p>Muche and Nicholson laughed uncomfortably at the question. After a brief awkward silence, Nicholson chimed in, "You either join or you don't."</p></div></div>
	</htmltext>
<tokenext>Google seems to be taking a " we 'll do what we want and carriers ca n't stop us " attitude .
Good luck with that.That 's what fascinates me about the Droid .
Google has gotten Verizon to let the cork off that genie [ latimes.com ] : Verizon spokesman Ken Muche said the company has no plans to make its own app store for Android -- another platform that already has one , called Market .
Good idea.The Droid 's App Store does have a Verizon tab , which contains a Visual Voicemail app.But all of those little Verizon injections added up to potential revenue in the past.A lack of Bluetooth transfers on some phones meant you might have to pay a fee to move contacts between devices .
Controlling apps meant Verizon could potentially profit from selling software as an intermediary .
Keeping GPS software off phones meant a monthly fee could be charged for navigation service.So much for that .
" If you want total customization , you can go this route , " Muche said .
Of course , if you 'd rather have big red buttons , there 's a phone for that.Granted , Verizon had been loosening up recently with its lineup of dull ( but no red menus ) smart phones .
With this phone , Verizon seems to be sincerely facing facts and stepping back from the software game .
And there 's another Verizon Droid phone on the way ?
Has Verizon been taken over by robots ? Wait a minute .
Is Google taking over the world ? Muche and Nicholson laughed uncomfortably at the question .
After a brief awkward silence , Nicholson chimed in , " You either join or you do n't .
"</tokentext>
<sentencetext>Google seems to be taking a "we'll do what we want and carriers can't stop us" attitude.
Good luck with that.That's what fascinates me about the Droid.
Google has gotten Verizon to let the cork off that genie [latimes.com]:Verizon spokesman Ken Muche said the company has no plans to make its own app store for Android -- another platform that already has one, called Market.
Good idea.The Droid's App Store does have a Verizon tab, which contains a Visual Voicemail app.But all of those little Verizon injections added up to potential revenue in the past.A lack of Bluetooth transfers on some phones meant you might have to pay a fee to move contacts between devices.
Controlling apps meant Verizon could potentially profit from selling software as an intermediary.
Keeping GPS software off phones meant a monthly fee could be charged for navigation service.So much for that.
"If you want total customization, you can go this route," Muche said.
Of course, if you'd rather have big red buttons, there's a phone for that.Granted, Verizon had been loosening up recently with its lineup of dull (but no red menus) smart phones.
With this phone, Verizon seems to be sincerely facing facts and stepping back from the software game.
And there's another Verizon Droid phone on the way?
Has Verizon been taken over by robots?Wait a minute.
Is Google taking over the world?Muche and Nicholson laughed uncomfortably at the question.
After a brief awkward silence, Nicholson chimed in, "You either join or you don't.
"
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717966</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30723252</id>
	<title>Vetting is not perfect</title>
	<author>forrie</author>
	<datestamp>1263225900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>The vetting process is only as good as the time and effort and competence you're able to provide.</p><p>Case in point:  I have an iPhone 3GS.  Just 2 days after downloading and accessing the PayPal App on my iPhone, some jerk broke in to my PayPal account and stole money.   We traced the relay to a server in the Netherlands, and we suspect one of the seemingly harmless apps (Emoticons) had an obscured/obfuscated key logger.</p><p>Needless to say, I will not be doing any sensitive operations on my mobile devices.  I was particularly alarmed at Apple's apparent apathy toward it, after calling them and with a very well-documented complaint.</p><p>My point is that these are new platforms and it may be a while before we're really able to truly secure them -- at least to the point where we can a computer system that we operate (without restrictions).   The Android market is probably more dangerous to this effect as there is no real official vetting process -- anyone can write an app.</p><p>Caveat Emptor.</p><p>If anyone has reverse engineered the Droid09 apps to show the code - post them somewhere publicly.  I'd be interested in seeing these, possibly making comparisons to what was found hiding on the iPhone.</p></htmltext>
<tokenext>The vetting process is only as good as the time and effort and competence you 're able to provide.Case in point : I have an iPhone 3GS .
Just 2 days after downloading and accessing the PayPal App on my iPhone , some jerk broke in to my PayPal account and stole money .
We traced the relay to a server in the Netherlands , and we suspect one of the seemingly harmless apps ( Emoticons ) had an obscured/obfuscated key logger.Needless to say , I will not be doing any sensitive operations on my mobile devices .
I was particularly alarmed at Apple 's apparent apathy toward it , after calling them and with a very well-documented complaint.My point is that these are new platforms and it may be a while before we 're really able to truly secure them -- at least to the point where we can a computer system that we operate ( without restrictions ) .
The Android market is probably more dangerous to this effect as there is no real official vetting process -- anyone can write an app.Caveat Emptor.If anyone has reverse engineered the Droid09 apps to show the code - post them somewhere publicly .
I 'd be interested in seeing these , possibly making comparisons to what was found hiding on the iPhone .</tokentext>
<sentencetext>The vetting process is only as good as the time and effort and competence you're able to provide.Case in point:  I have an iPhone 3GS.
Just 2 days after downloading and accessing the PayPal App on my iPhone, some jerk broke in to my PayPal account and stole money.
We traced the relay to a server in the Netherlands, and we suspect one of the seemingly harmless apps (Emoticons) had an obscured/obfuscated key logger.Needless to say, I will not be doing any sensitive operations on my mobile devices.
I was particularly alarmed at Apple's apparent apathy toward it, after calling them and with a very well-documented complaint.My point is that these are new platforms and it may be a while before we're really able to truly secure them -- at least to the point where we can a computer system that we operate (without restrictions).
The Android market is probably more dangerous to this effect as there is no real official vetting process -- anyone can write an app.Caveat Emptor.If anyone has reverse engineered the Droid09 apps to show the code - post them somewhere publicly.
I'd be interested in seeing these, possibly making comparisons to what was found hiding on the iPhone.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30726588</id>
	<title>Re:Then the developer is screwed</title>
	<author>thetoadwarrior</author>
	<datestamp>1263240780000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>The same applies to Android development. It's cheaper but you still have to pay to get your app on the market.</htmltext>
<tokenext>The same applies to Android development .
It 's cheaper but you still have to pay to get your app on the market .</tokentext>
<sentencetext>The same applies to Android development.
It's cheaper but you still have to pay to get your app on the market.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720184</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717874</id>
	<title>An iPhone-like process?</title>
	<author>bcmm</author>
	<datestamp>1263123960000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext>An iPhone-like vetting process would be "we'll reject it if we don't like the look of it". How about "Linux-distro style vetting process"?</htmltext>
<tokenext>An iPhone-like vetting process would be " we 'll reject it if we do n't like the look of it " .
How about " Linux-distro style vetting process " ?</tokentext>
<sentencetext>An iPhone-like vetting process would be "we'll reject it if we don't like the look of it".
How about "Linux-distro style vetting process"?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718348</id>
	<title>Re:Apple's store ain't much better</title>
	<author>nneonneo</author>
	<datestamp>1263127260000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>The app by itself is not illegal -- it uses publicly available information to "parse" a credit card number, and the algorithms which determine the validity of a set of 16 credit card digits are pretty well-known by now. What the app probably cannot tell you is whether the card actually belongs to someone.</p><p>The description also doesn't outwardly suggest that the app was "marketed to Romanian hackers". Basically, there's nothing in the app description or screenshots to suggest that the application, which uses only publicly available knowledge, violates any of the terms of Apple's app policy.</p></htmltext>
<tokenext>The app by itself is not illegal -- it uses publicly available information to " parse " a credit card number , and the algorithms which determine the validity of a set of 16 credit card digits are pretty well-known by now .
What the app probably can not tell you is whether the card actually belongs to someone.The description also does n't outwardly suggest that the app was " marketed to Romanian hackers " .
Basically , there 's nothing in the app description or screenshots to suggest that the application , which uses only publicly available knowledge , violates any of the terms of Apple 's app policy .</tokentext>
<sentencetext>The app by itself is not illegal -- it uses publicly available information to "parse" a credit card number, and the algorithms which determine the validity of a set of 16 credit card digits are pretty well-known by now.
What the app probably cannot tell you is whether the card actually belongs to someone.The description also doesn't outwardly suggest that the app was "marketed to Romanian hackers".
Basically, there's nothing in the app description or screenshots to suggest that the application, which uses only publicly available knowledge, violates any of the terms of Apple's app policy.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717958</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719032</id>
	<title>Redmond Relief</title>
	<author>PeterHammer</author>
	<datestamp>1263133860000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Somewhere in Redmond someone is sighing a long sigh of relief. Finally they say - finally - they stopped picking on us!</p></htmltext>
<tokenext>Somewhere in Redmond someone is sighing a long sigh of relief .
Finally they say - finally - they stopped picking on us !</tokentext>
<sentencetext>Somewhere in Redmond someone is sighing a long sigh of relief.
Finally they say - finally - they stopped picking on us!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30724756</id>
	<title>Re:Use an Outbound Firewall</title>
	<author>lfaraone</author>
	<datestamp>1263233160000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>I wish this functionality was built into the OS, rather than having to do it manually (for example, a way to disallow internet access during installation) -- but at least it's doable on Android. I don't think any other phone platforms give this level of permission separation or control. I'm not so sure that app review would really fix the overall problem; it might catch the obviously-malicious phishing apps like in this story, but I bet that the app auditors' opinion on what is a privacy violation differs greatly from my own.</p></div><p>Maybe you're thinking of <a href="http://wiki.laptop.org/go/Rainbow" title="laptop.org" rel="nofollow">http://wiki.laptop.org/go/Rainbow</a> [laptop.org], which implements <a href="http://wiki.laptop.org/go/OLPC\_Bitfrost" title="laptop.org" rel="nofollow">http://wiki.laptop.org/go/OLPC\_Bitfrost</a> [laptop.org], which does exactly what you're describing.

It's currently in Debian ( <a href="http://packages.debian.org/unstable/main/rainbow" title="debian.org" rel="nofollow">http://packages.debian.org/unstable/main/rainbow</a> [debian.org] ) and Fedora ( <a href="http://ppc.koji.fedoraproject.org/koji/packageinfo?packageID=7262" title="fedoraproject.org" rel="nofollow">http://ppc.koji.fedoraproject.org/koji/packageinfo?packageID=7262</a> [fedoraproject.org] ).</p></div>
	</htmltext>
<tokenext>I wish this functionality was built into the OS , rather than having to do it manually ( for example , a way to disallow internet access during installation ) -- but at least it 's doable on Android .
I do n't think any other phone platforms give this level of permission separation or control .
I 'm not so sure that app review would really fix the overall problem ; it might catch the obviously-malicious phishing apps like in this story , but I bet that the app auditors ' opinion on what is a privacy violation differs greatly from my own.Maybe you 're thinking of http : //wiki.laptop.org/go/Rainbow [ laptop.org ] , which implements http : //wiki.laptop.org/go/OLPC \ _Bitfrost [ laptop.org ] , which does exactly what you 're describing .
It 's currently in Debian ( http : //packages.debian.org/unstable/main/rainbow [ debian.org ] ) and Fedora ( http : //ppc.koji.fedoraproject.org/koji/packageinfo ? packageID = 7262 [ fedoraproject.org ] ) .</tokentext>
<sentencetext>I wish this functionality was built into the OS, rather than having to do it manually (for example, a way to disallow internet access during installation) -- but at least it's doable on Android.
I don't think any other phone platforms give this level of permission separation or control.
I'm not so sure that app review would really fix the overall problem; it might catch the obviously-malicious phishing apps like in this story, but I bet that the app auditors' opinion on what is a privacy violation differs greatly from my own.Maybe you're thinking of http://wiki.laptop.org/go/Rainbow [laptop.org], which implements http://wiki.laptop.org/go/OLPC\_Bitfrost [laptop.org], which does exactly what you're describing.
It's currently in Debian ( http://packages.debian.org/unstable/main/rainbow [debian.org] ) and Fedora ( http://ppc.koji.fedoraproject.org/koji/packageinfo?packageID=7262 [fedoraproject.org] ).
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717914</id>
	<title>Applications, applications, applications...</title>
	<author>Anonymous</author>
	<datestamp>1263124320000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext><p>There sure are a lot of mentions of the word "applications" in the summary.</p><p> <a href="http://img34.imageshack.us/i/applications.jpg/" title="imageshack.us" rel="nofollow">http://img34.imageshack.us/i/applications.jpg</a> [imageshack.us] </p><p>I know, it's just serendipitous rendering on Chrome's part, but part of me wants to believe that the submitter was actually channelling their inner Ballmer.</p></htmltext>
<tokenext>There sure are a lot of mentions of the word " applications " in the summary .
http : //img34.imageshack.us/i/applications.jpg [ imageshack.us ] I know , it 's just serendipitous rendering on Chrome 's part , but part of me wants to believe that the submitter was actually channelling their inner Ballmer .</tokentext>
<sentencetext>There sure are a lot of mentions of the word "applications" in the summary.
http://img34.imageshack.us/i/applications.jpg [imageshack.us] I know, it's just serendipitous rendering on Chrome's part, but part of me wants to believe that the submitter was actually channelling their inner Ballmer.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719228</id>
	<title>Re:Congratulations, you've made it to the big time</title>
	<author>ehrichweiss</author>
	<datestamp>1263136800000</datestamp>
	<modclass>Offtopic</modclass>
	<modscore>0</modscore>
	<htmltext>It's prudent to note that Avira anti-virus used to be called "AntiVir"...but I'm pretty certain you're not talking about the same people..</htmltext>
<tokenext>It 's prudent to note that Avira anti-virus used to be called " AntiVir " ...but I 'm pretty certain you 're not talking about the same people. .</tokentext>
<sentencetext>It's prudent to note that Avira anti-virus used to be called "AntiVir"...but I'm pretty certain you're not talking about the same people..</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717812</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30724872</id>
	<title>Re:Use an Outbound Firewall</title>
	<author>Anonymous</author>
	<datestamp>1263233520000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>On the BlackBerry you can allow or deny internet access on a per connection, per address, per app, and global basis, depending on what you want.</p></htmltext>
<tokenext>On the BlackBerry you can allow or deny internet access on a per connection , per address , per app , and global basis , depending on what you want .</tokentext>
<sentencetext>On the BlackBerry you can allow or deny internet access on a per connection, per address, per app, and global basis, depending on what you want.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717830</id>
	<title>Check for the signed label!</title>
	<author>Anonymous</author>
	<datestamp>1263123660000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><p>This is something that is far more unlikely to happen on the iPhone because of Apple's strict control and testing of all apps. Even the "jailbreak" stores will reject things that aren't as advertised.</p><p>Allow open development, and you've basically got a platform that the bad guys can target. There's already standards for signing code to prove that an app came from who you thought it did.</p></htmltext>
<tokenext>This is something that is far more unlikely to happen on the iPhone because of Apple 's strict control and testing of all apps .
Even the " jailbreak " stores will reject things that are n't as advertised.Allow open development , and you 've basically got a platform that the bad guys can target .
There 's already standards for signing code to prove that an app came from who you thought it did .</tokentext>
<sentencetext>This is something that is far more unlikely to happen on the iPhone because of Apple's strict control and testing of all apps.
Even the "jailbreak" stores will reject things that aren't as advertised.Allow open development, and you've basically got a platform that the bad guys can target.
There's already standards for signing code to prove that an app came from who you thought it did.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719760</id>
	<title>Re:Check for the signed label!</title>
	<author>RMS Eats Toejam</author>
	<datestamp>1263143100000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Yes, because so few people use Linux as a desktop OS.  Therefore why bother?</htmltext>
<tokenext>Yes , because so few people use Linux as a desktop OS .
Therefore why bother ?</tokentext>
<sentencetext>Yes, because so few people use Linux as a desktop OS.
Therefore why bother?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718150</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30724288</id>
	<title>Re:Check for the signed label!</title>
	<author>Anonymous</author>
	<datestamp>1263231120000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Ubuntu and related ecosystem appeals to a different user base: one that doesn't involve passing bank account information as well as their users don't spend 80\% of their time shopping online (10\% on social/news tools and the other 10\% checking email)--which is what typical, non-computer savvy users do.</p></htmltext>
<tokenext>Ubuntu and related ecosystem appeals to a different user base : one that does n't involve passing bank account information as well as their users do n't spend 80 \ % of their time shopping online ( 10 \ % on social/news tools and the other 10 \ % checking email ) --which is what typical , non-computer savvy users do .</tokentext>
<sentencetext>Ubuntu and related ecosystem appeals to a different user base: one that doesn't involve passing bank account information as well as their users don't spend 80\% of their time shopping online (10\% on social/news tools and the other 10\% checking email)--which is what typical, non-computer savvy users do.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718150</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718378</id>
	<title>Re:Use an Outbound Firewall</title>
	<author>Anonymous</author>
	<datestamp>1263127440000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>4</modscore>
	<htmltext><p><div class="quote"><p>Any app that can read my contacts data, my calendar, my email, etc, is sure as hell not getting internet access for "usage statistics" or whatever other lame excuse they give.</p> </div><p>Usage statistics are the only reliable way to get real feedback about how actual users interact with the software (short of having a horde of QA testers that we can't afford). Some of the more useful things that my apps track (anonymized and with the terms stated clearly on install with an opt-out):</p><p>(1) Which settings are most often changed, and to what. This helps us put the most-changed settings near the top and set better defaults. If a setting is changed back and forth a lot, that usually tells that the UI needs widget to control that behavior.</p><p>(2) Which functions are used most or used most together. This helps organize the UI in accord with the most common usage patterns. Many times, we will see that users do the same clusters of things over and over and that lets us combine those into a single task in some fashion.</p><p>(3) What functions/options are almost never used, especially ones we had imagined would be useful. This is usually a sign that we have either totally dropped the ball on implementation or interface or that we don't understand the user's workflow.</p><p>I will admit that this is largely a matter of trust between the developer and the user -- I really can't blame users that opt-out or firewall us because they really don't have a reason to trust us. That said, such distrust does deprive us of very important data that we use to improve our products. I just want to express my deep appreciation for all the users that have let us have their usage statistics -- we really do read and act on them!</p></div>
	</htmltext>
<tokenext>Any app that can read my contacts data , my calendar , my email , etc , is sure as hell not getting internet access for " usage statistics " or whatever other lame excuse they give .
Usage statistics are the only reliable way to get real feedback about how actual users interact with the software ( short of having a horde of QA testers that we ca n't afford ) .
Some of the more useful things that my apps track ( anonymized and with the terms stated clearly on install with an opt-out ) : ( 1 ) Which settings are most often changed , and to what .
This helps us put the most-changed settings near the top and set better defaults .
If a setting is changed back and forth a lot , that usually tells that the UI needs widget to control that behavior .
( 2 ) Which functions are used most or used most together .
This helps organize the UI in accord with the most common usage patterns .
Many times , we will see that users do the same clusters of things over and over and that lets us combine those into a single task in some fashion .
( 3 ) What functions/options are almost never used , especially ones we had imagined would be useful .
This is usually a sign that we have either totally dropped the ball on implementation or interface or that we do n't understand the user 's workflow.I will admit that this is largely a matter of trust between the developer and the user -- I really ca n't blame users that opt-out or firewall us because they really do n't have a reason to trust us .
That said , such distrust does deprive us of very important data that we use to improve our products .
I just want to express my deep appreciation for all the users that have let us have their usage statistics -- we really do read and act on them !</tokentext>
<sentencetext>Any app that can read my contacts data, my calendar, my email, etc, is sure as hell not getting internet access for "usage statistics" or whatever other lame excuse they give.
Usage statistics are the only reliable way to get real feedback about how actual users interact with the software (short of having a horde of QA testers that we can't afford).
Some of the more useful things that my apps track (anonymized and with the terms stated clearly on install with an opt-out):(1) Which settings are most often changed, and to what.
This helps us put the most-changed settings near the top and set better defaults.
If a setting is changed back and forth a lot, that usually tells that the UI needs widget to control that behavior.
(2) Which functions are used most or used most together.
This helps organize the UI in accord with the most common usage patterns.
Many times, we will see that users do the same clusters of things over and over and that lets us combine those into a single task in some fashion.
(3) What functions/options are almost never used, especially ones we had imagined would be useful.
This is usually a sign that we have either totally dropped the ball on implementation or interface or that we don't understand the user's workflow.I will admit that this is largely a matter of trust between the developer and the user -- I really can't blame users that opt-out or firewall us because they really don't have a reason to trust us.
That said, such distrust does deprive us of very important data that we use to improve our products.
I just want to express my deep appreciation for all the users that have let us have their usage statistics -- we really do read and act on them!
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30721722</id>
	<title>apple and others</title>
	<author>pisem</author>
	<datestamp>1263216660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Apples model with their apple store is very stable and profitable solution, look at nokias "OVI" that they recently started to advertise, Nokia goes after apple's success... the only difference apple checks each and every application and Nokia doesnt.. If android will be opened and it seems like it is it will have some "bad guys" in it...</htmltext>
<tokenext>Apples model with their apple store is very stable and profitable solution , look at nokias " OVI " that they recently started to advertise , Nokia goes after apple 's success... the only difference apple checks each and every application and Nokia doesnt.. If android will be opened and it seems like it is it will have some " bad guys " in it.. .</tokentext>
<sentencetext>Apples model with their apple store is very stable and profitable solution, look at nokias "OVI" that they recently started to advertise, Nokia goes after apple's success... the only difference apple checks each and every application and Nokia doesnt.. If android will be opened and it seems like it is it will have some "bad guys" in it...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30724740</id>
	<title>Re:Apple's store ain't much better</title>
	<author>Anonymous</author>
	<datestamp>1263233100000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>The description doesn't suggest that it's marketed towards Romanian hackers, but the fact that it's by the same company that makes a Romanian radio application and that the company has ads for the credit card app on its Romanian radio app does.  Also, I'm not saying the app is illegal.  Just that it's clearly designed for people who steal credit cards, and that Apple let it pass through, which is definitely against the spirit of its policy, if not the letter.</p></htmltext>
<tokenext>The description does n't suggest that it 's marketed towards Romanian hackers , but the fact that it 's by the same company that makes a Romanian radio application and that the company has ads for the credit card app on its Romanian radio app does .
Also , I 'm not saying the app is illegal .
Just that it 's clearly designed for people who steal credit cards , and that Apple let it pass through , which is definitely against the spirit of its policy , if not the letter .</tokentext>
<sentencetext>The description doesn't suggest that it's marketed towards Romanian hackers, but the fact that it's by the same company that makes a Romanian radio application and that the company has ads for the credit card app on its Romanian radio app does.
Also, I'm not saying the app is illegal.
Just that it's clearly designed for people who steal credit cards, and that Apple let it pass through, which is definitely against the spirit of its policy, if not the letter.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718348</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719600</id>
	<title>damn you apple!</title>
	<author>smash</author>
	<datestamp>1263141480000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>... and your app-store vetting process!  *shakes fist*.
<p>
uh... waitasec....</p></htmltext>
<tokenext>... and your app-store vetting process !
* shakes fist * .
uh... waitasec... .</tokentext>
<sentencetext>... and your app-store vetting process!
*shakes fist*.
uh... waitasec....</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719446</id>
	<title>Re:An iPhone-like process?</title>
	<author>Anonymous</author>
	<datestamp>1263139740000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Really? Is that why they pulled the tethering app from the US Android Market?</p></htmltext>
<tokenext>Really ?
Is that why they pulled the tethering app from the US Android Market ?</tokentext>
<sentencetext>Really?
Is that why they pulled the tethering app from the US Android Market?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717966</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720312</id>
	<title>Re:Use an Outbound Firewall</title>
	<author>dotgain</author>
	<datestamp>1263150600000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>or until your favorite rom cooker bakes the iptables/ipchains functionality in.</p></div></blockquote><p>
Awesome.  Too help keep me safe from apps written by random strangers, I can flash my firmware with code from random strangers!</p></div>
	</htmltext>
<tokenext>or until your favorite rom cooker bakes the iptables/ipchains functionality in .
Awesome. Too help keep me safe from apps written by random strangers , I can flash my firmware with code from random strangers !</tokentext>
<sentencetext>or until your favorite rom cooker bakes the iptables/ipchains functionality in.
Awesome.  Too help keep me safe from apps written by random strangers, I can flash my firmware with code from random strangers!
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718130</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718822</id>
	<title>Re:An iPhone-like process?</title>
	<author>farble1670</author>
	<datestamp>1263131760000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>iPhone has youtube and pandora among many other apps that have very high network usage. sort of shoots a hole into the theory that AT&amp;T is rejecting based on potential network overload.</p></htmltext>
<tokenext>iPhone has youtube and pandora among many other apps that have very high network usage .
sort of shoots a hole into the theory that AT&amp;T is rejecting based on potential network overload .</tokentext>
<sentencetext>iPhone has youtube and pandora among many other apps that have very high network usage.
sort of shoots a hole into the theory that AT&amp;T is rejecting based on potential network overload.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717966</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718610</id>
	<title>Still early.</title>
	<author>Anonymous</author>
	<datestamp>1263129360000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>With Droid marketplace(s) just starting to gain traction I don't feel this is a big deal.  I'm sure the handset manufacturers and Google have a roll out plan for "validating" Droid apps.  The real question will be the "how" they do this as opposed to "if" or "when".<br>The entire Droid program is a great success and I'm positive that Google will have an innovative approach to vetting applications that will both protect users and yet give developers the free reign they need to continue to innovate.<br>I would also argue that most Droid users are more tech savvy and would be harder to fool with malware or fakeware. In contrast, I would argue that the average iphone user is less aware of the threats that abound and simply trusts that Apple will somehow protect their user experience.</p></htmltext>
<tokenext>With Droid marketplace ( s ) just starting to gain traction I do n't feel this is a big deal .
I 'm sure the handset manufacturers and Google have a roll out plan for " validating " Droid apps .
The real question will be the " how " they do this as opposed to " if " or " when " .The entire Droid program is a great success and I 'm positive that Google will have an innovative approach to vetting applications that will both protect users and yet give developers the free reign they need to continue to innovate.I would also argue that most Droid users are more tech savvy and would be harder to fool with malware or fakeware .
In contrast , I would argue that the average iphone user is less aware of the threats that abound and simply trusts that Apple will somehow protect their user experience .</tokentext>
<sentencetext>With Droid marketplace(s) just starting to gain traction I don't feel this is a big deal.
I'm sure the handset manufacturers and Google have a roll out plan for "validating" Droid apps.
The real question will be the "how" they do this as opposed to "if" or "when".The entire Droid program is a great success and I'm positive that Google will have an innovative approach to vetting applications that will both protect users and yet give developers the free reign they need to continue to innovate.I would also argue that most Droid users are more tech savvy and would be harder to fool with malware or fakeware.
In contrast, I would argue that the average iphone user is less aware of the threats that abound and simply trusts that Apple will somehow protect their user experience.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719292</id>
	<title>Of course..</title>
	<author>Skythe</author>
	<datestamp>1263137460000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Each application can be reported on the market (malicious is one of the options), which will be sent straight to Google. On top of that, each application shows it's average rating (out of 5 stars) - apps that are below 3 stars are lucky to even get a view from me, and if they do it always merits an investigation as to why their rating is so low (by reading the comments, all of which are actually quite useful).</htmltext>
<tokenext>Each application can be reported on the market ( malicious is one of the options ) , which will be sent straight to Google .
On top of that , each application shows it 's average rating ( out of 5 stars ) - apps that are below 3 stars are lucky to even get a view from me , and if they do it always merits an investigation as to why their rating is so low ( by reading the comments , all of which are actually quite useful ) .</tokentext>
<sentencetext>Each application can be reported on the market (malicious is one of the options), which will be sent straight to Google.
On top of that, each application shows it's average rating (out of 5 stars) - apps that are below 3 stars are lucky to even get a view from me, and if they do it always merits an investigation as to why their rating is so low (by reading the comments, all of which are actually quite useful).</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718200</id>
	<title>Reserved words?</title>
	<author>Darkness404</author>
	<datestamp>1263126060000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext>What if the Android market would reserve a few words for only legitimate organizations? For example, apps would need to be certified to appear in an online banking part of the store, and there would be no certification other than Google contacting the company and making sure this is the app they made. For example, if someone submits an app with "Bank of America" in the description (or something) the Android market puts a big red heading saying <b> This app was not developed by Bank of America, do not give out sensitive financial details </b> over the app? It isn't restrictive because it still is open development yet it weeds out phishing apps.</htmltext>
<tokenext>What if the Android market would reserve a few words for only legitimate organizations ?
For example , apps would need to be certified to appear in an online banking part of the store , and there would be no certification other than Google contacting the company and making sure this is the app they made .
For example , if someone submits an app with " Bank of America " in the description ( or something ) the Android market puts a big red heading saying This app was not developed by Bank of America , do not give out sensitive financial details over the app ?
It is n't restrictive because it still is open development yet it weeds out phishing apps .</tokentext>
<sentencetext>What if the Android market would reserve a few words for only legitimate organizations?
For example, apps would need to be certified to appear in an online banking part of the store, and there would be no certification other than Google contacting the company and making sure this is the app they made.
For example, if someone submits an app with "Bank of America" in the description (or something) the Android market puts a big red heading saying  This app was not developed by Bank of America, do not give out sensitive financial details  over the app?
It isn't restrictive because it still is open development yet it weeds out phishing apps.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718214</id>
	<title>Re:Check for the signed label!</title>
	<author>Anonymous</author>
	<datestamp>1263126120000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>5</modscore>
	<htmltext><p>Um, no.</p><p>Apple's certification process is unlikely to uncover an app like this.  Assuming the app appears to do something 'real' [which I assume it does, as people download and use it], you can have the app access a web page that tells the app if it should harvest data or not.  You simply don't enable the harvesting until after Apple has accepted it into the App Store.  Black box testing won't uncover it, and static program analysis is unlikely to either [short of the app obviously using restricted APIs].  And apps can poke around the system, and I think even other apps data without even needing to hardcode in paths.</p><p>Now, it might be easier to Apple to be able to trace where exactly the app came from than it is for Google...</p></htmltext>
<tokenext>Um , no.Apple 's certification process is unlikely to uncover an app like this .
Assuming the app appears to do something 'real ' [ which I assume it does , as people download and use it ] , you can have the app access a web page that tells the app if it should harvest data or not .
You simply do n't enable the harvesting until after Apple has accepted it into the App Store .
Black box testing wo n't uncover it , and static program analysis is unlikely to either [ short of the app obviously using restricted APIs ] .
And apps can poke around the system , and I think even other apps data without even needing to hardcode in paths.Now , it might be easier to Apple to be able to trace where exactly the app came from than it is for Google.. .</tokentext>
<sentencetext>Um, no.Apple's certification process is unlikely to uncover an app like this.
Assuming the app appears to do something 'real' [which I assume it does, as people download and use it], you can have the app access a web page that tells the app if it should harvest data or not.
You simply don't enable the harvesting until after Apple has accepted it into the App Store.
Black box testing won't uncover it, and static program analysis is unlikely to either [short of the app obviously using restricted APIs].
And apps can poke around the system, and I think even other apps data without even needing to hardcode in paths.Now, it might be easier to Apple to be able to trace where exactly the app came from than it is for Google...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717830</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719894</id>
	<title>Re:Check for the signed label!</title>
	<author>Anonymous</author>
	<datestamp>1263144720000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>There's also NSTL certification. Many others already do that.</p><p><a href="http://www.nstl.com/mobile/mobile\_certification.asp" title="nstl.com" rel="nofollow">http://www.nstl.com/mobile/mobile\_certification.asp</a> [nstl.com]</p><p>So then Apple has their certification program, others have their own or use NSTL... that currently leaves Android as the open but uncertified platform.</p><p>Use Android developed apps at your own risk? Sorry, no thanks. I'll choose one of the closed/certified platforms thank you very much.</p></htmltext>
<tokenext>There 's also NSTL certification .
Many others already do that.http : //www.nstl.com/mobile/mobile \ _certification.asp [ nstl.com ] So then Apple has their certification program , others have their own or use NSTL... that currently leaves Android as the open but uncertified platform.Use Android developed apps at your own risk ?
Sorry , no thanks .
I 'll choose one of the closed/certified platforms thank you very much .</tokentext>
<sentencetext>There's also NSTL certification.
Many others already do that.http://www.nstl.com/mobile/mobile\_certification.asp [nstl.com]So then Apple has their certification program, others have their own or use NSTL... that currently leaves Android as the open but uncertified platform.Use Android developed apps at your own risk?
Sorry, no thanks.
I'll choose one of the closed/certified platforms thank you very much.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718214</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718788</id>
	<title>old problem new platform</title>
	<author>Anonymous</author>
	<datestamp>1263131340000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext>This is just the same old phishing attack moved to a new platform. This is no different then directing a web users to a fraudulent banking site.<br> <br>

The fault here lies primarily with the user, but seeing as we cant force the users to be smarter the onus for defeating this attack relies on the bank. Banks can do a variety of things to prevent such phishing attacks from working such as using 2 factor authentication and One Time Passwords. OTP works best when being used for transactions rather then logins, my bank will SMS me a code when I want to make a transaction to another account so even if a phisher has my password, they need my phone to do anything (plus this is a dead give-away that a phisher has gained my password). Banks could also issue a private key to official applications and block any application that does not have the key (granted this is less useful and may be easily defeated)<br> <br>

Iphone style lock downs will not work as they do not address the real problem of phishing and only serve to limit the platform. This isn't a fault with Android, this requires the user to initiate the attack, nor is it self replicating.</htmltext>
<tokenext>This is just the same old phishing attack moved to a new platform .
This is no different then directing a web users to a fraudulent banking site .
The fault here lies primarily with the user , but seeing as we cant force the users to be smarter the onus for defeating this attack relies on the bank .
Banks can do a variety of things to prevent such phishing attacks from working such as using 2 factor authentication and One Time Passwords .
OTP works best when being used for transactions rather then logins , my bank will SMS me a code when I want to make a transaction to another account so even if a phisher has my password , they need my phone to do anything ( plus this is a dead give-away that a phisher has gained my password ) .
Banks could also issue a private key to official applications and block any application that does not have the key ( granted this is less useful and may be easily defeated ) Iphone style lock downs will not work as they do not address the real problem of phishing and only serve to limit the platform .
This is n't a fault with Android , this requires the user to initiate the attack , nor is it self replicating .</tokentext>
<sentencetext>This is just the same old phishing attack moved to a new platform.
This is no different then directing a web users to a fraudulent banking site.
The fault here lies primarily with the user, but seeing as we cant force the users to be smarter the onus for defeating this attack relies on the bank.
Banks can do a variety of things to prevent such phishing attacks from working such as using 2 factor authentication and One Time Passwords.
OTP works best when being used for transactions rather then logins, my bank will SMS me a code when I want to make a transaction to another account so even if a phisher has my password, they need my phone to do anything (plus this is a dead give-away that a phisher has gained my password).
Banks could also issue a private key to official applications and block any application that does not have the key (granted this is less useful and may be easily defeated) 

Iphone style lock downs will not work as they do not address the real problem of phishing and only serve to limit the platform.
This isn't a fault with Android, this requires the user to initiate the attack, nor is it self replicating.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718808</id>
	<title>Re:Use an Outbound Firewall</title>
	<author>farble1670</author>
	<datestamp>1263131520000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>in this case, if you downloaded an app that you thought was a legit banking app, you would have just added it to the whitelist.</p></htmltext>
<tokenext>in this case , if you downloaded an app that you thought was a legit banking app , you would have just added it to the whitelist .</tokentext>
<sentencetext>in this case, if you downloaded an app that you thought was a legit banking app, you would have just added it to the whitelist.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717958</id>
	<title>Apple's store ain't much better</title>
	<author>Anonymous</author>
	<datestamp>1263124560000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>Apple's policy ain't foolproof either.  I found an app designed for validating stolen credit cards, marketed to Romanian hackers:</p><p>http://rationalitate.blogspot.com/2009/12/credit-card-stealing-app-in-apples.html</p></htmltext>
<tokenext>Apple 's policy ai n't foolproof either .
I found an app designed for validating stolen credit cards , marketed to Romanian hackers : http : //rationalitate.blogspot.com/2009/12/credit-card-stealing-app-in-apples.html</tokentext>
<sentencetext>Apple's policy ain't foolproof either.
I found an app designed for validating stolen credit cards, marketed to Romanian hackers:http://rationalitate.blogspot.com/2009/12/credit-card-stealing-app-in-apples.html</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718344</id>
	<title>Re:An iPhone-like process?</title>
	<author>A1rmanCha1rman</author>
	<datestamp>1263127200000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p><div class="quote"><p>An iPhone-like vetting process would be "we'll reject it if we don't like the look of it". How about "Linux-distro style vetting process"?</p></div><p>The iPhone vetting process is closer to Slifox's "error on the side of caution" method on his outbound firewall, with the default being set to DROP (deny the app), followed by a specific whitelist (approved apps subject to continuous monitor for "good behaviour").</p><p>Quite a number of approved apps in the iPhone App Store have been caught out doing naughty things like accessing and sending "home" users' Contacts - email addresses, phone numbers and home/work addresses - where they really had no business requiring such information for their function (battery charge display apps, games etc) and have promptly been expelled from the app store - quite rightly in my opinion.</p><p>The price of true freedom is eternal vigilance, not laissez-faire do-what-you-please laxity...</p></div>
	</htmltext>
<tokenext>An iPhone-like vetting process would be " we 'll reject it if we do n't like the look of it " .
How about " Linux-distro style vetting process " ? The iPhone vetting process is closer to Slifox 's " error on the side of caution " method on his outbound firewall , with the default being set to DROP ( deny the app ) , followed by a specific whitelist ( approved apps subject to continuous monitor for " good behaviour " ) .Quite a number of approved apps in the iPhone App Store have been caught out doing naughty things like accessing and sending " home " users ' Contacts - email addresses , phone numbers and home/work addresses - where they really had no business requiring such information for their function ( battery charge display apps , games etc ) and have promptly been expelled from the app store - quite rightly in my opinion.The price of true freedom is eternal vigilance , not laissez-faire do-what-you-please laxity.. .</tokentext>
<sentencetext>An iPhone-like vetting process would be "we'll reject it if we don't like the look of it".
How about "Linux-distro style vetting process"?The iPhone vetting process is closer to Slifox's "error on the side of caution" method on his outbound firewall, with the default being set to DROP (deny the app), followed by a specific whitelist (approved apps subject to continuous monitor for "good behaviour").Quite a number of approved apps in the iPhone App Store have been caught out doing naughty things like accessing and sending "home" users' Contacts - email addresses, phone numbers and home/work addresses - where they really had no business requiring such information for their function (battery charge display apps, games etc) and have promptly been expelled from the app store - quite rightly in my opinion.The price of true freedom is eternal vigilance, not laissez-faire do-what-you-please laxity...
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717874</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720370</id>
	<title>I doubt Apple is any better</title>
	<author>pydev</author>
	<datestamp>1263151560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Do you seriously think that Apple is capable of performing security audits on every app they approve?  The primary criteria in their approval process are going to be whether the app might be offensive to someone and whether it competes with Apple's core business.</p></htmltext>
<tokenext>Do you seriously think that Apple is capable of performing security audits on every app they approve ?
The primary criteria in their approval process are going to be whether the app might be offensive to someone and whether it competes with Apple 's core business .</tokentext>
<sentencetext>Do you seriously think that Apple is capable of performing security audits on every app they approve?
The primary criteria in their approval process are going to be whether the app might be offensive to someone and whether it competes with Apple's core business.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720148</id>
	<title>Money for Google?</title>
	<author>srothroc</author>
	<datestamp>1263148560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Google could make some money here, I think. This is a chance to implement a "Google Verified" or "Google Trusted" program where any developer can submit their application to Google, along with a processing fee, for the vetting process that would check their application; if it passes, they could get a small badge and a searchable tag. People would then have the option to either download only verified applications or whatever they wanted. I imagine that financial applications or those that handle serious amounts of personal data would want to go for the vetting process.</htmltext>
<tokenext>Google could make some money here , I think .
This is a chance to implement a " Google Verified " or " Google Trusted " program where any developer can submit their application to Google , along with a processing fee , for the vetting process that would check their application ; if it passes , they could get a small badge and a searchable tag .
People would then have the option to either download only verified applications or whatever they wanted .
I imagine that financial applications or those that handle serious amounts of personal data would want to go for the vetting process .</tokentext>
<sentencetext>Google could make some money here, I think.
This is a chance to implement a "Google Verified" or "Google Trusted" program where any developer can submit their application to Google, along with a processing fee, for the vetting process that would check their application; if it passes, they could get a small badge and a searchable tag.
People would then have the option to either download only verified applications or whatever they wanted.
I imagine that financial applications or those that handle serious amounts of personal data would want to go for the vetting process.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719066</id>
	<title>Where is the evil DRM protection when you need it?</title>
	<author>Punto</author>
	<datestamp>1263134520000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p>on any other platform, you wouldn't need to remove software from "Droid09", your overlord would remove it for you, along with any other subversive material that might be on the device that you're borrowing from them</p></htmltext>
<tokenext>on any other platform , you would n't need to remove software from " Droid09 " , your overlord would remove it for you , along with any other subversive material that might be on the device that you 're borrowing from them</tokentext>
<sentencetext>on any other platform, you wouldn't need to remove software from "Droid09", your overlord would remove it for you, along with any other subversive material that might be on the device that you're borrowing from them</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720184</id>
	<title>Then the developer is screwed</title>
	<author>SuperKendall</author>
	<datestamp>1263148800000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p><i>Assuming the app appears to do something 'real' [which I assume it does, as people download and use it], you can have the app access a web page that tells the app if it should harvest data or not. You simply don't enable the harvesting until after Apple has accepted it into the App Store.</i></p><p>And then what do you do about the fact that you have given Apple and address they have verified, and paid for a $99 developer account via some means they can tract back to you, along with probably given them your bank account number and routing code?</p><p>That's a lot of exposure for a scam that's likely to be shut down in under a day.</p></htmltext>
<tokenext>Assuming the app appears to do something 'real ' [ which I assume it does , as people download and use it ] , you can have the app access a web page that tells the app if it should harvest data or not .
You simply do n't enable the harvesting until after Apple has accepted it into the App Store.And then what do you do about the fact that you have given Apple and address they have verified , and paid for a $ 99 developer account via some means they can tract back to you , along with probably given them your bank account number and routing code ? That 's a lot of exposure for a scam that 's likely to be shut down in under a day .</tokentext>
<sentencetext>Assuming the app appears to do something 'real' [which I assume it does, as people download and use it], you can have the app access a web page that tells the app if it should harvest data or not.
You simply don't enable the harvesting until after Apple has accepted it into the App Store.And then what do you do about the fact that you have given Apple and address they have verified, and paid for a $99 developer account via some means they can tract back to you, along with probably given them your bank account number and routing code?That's a lot of exposure for a scam that's likely to be shut down in under a day.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718214</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720256</id>
	<title>Or it's an app for merchants.  Think please.</title>
	<author>SuperKendall</author>
	<datestamp>1263149820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><i>I found an app designed for validating stolen credit cards</i></p><p>Come on, an app that simply validates credit cards and you can see NO VALID USE?</p><p>What if you are a merchant at at art festival collecting credit card numbers for payment and you use this just to validate a CC card you are being presented is good?</p><p>If you thought even a little about it, the app is terrible for hackers who deal with number lists running into hundreds of thousands of CC numbers.  You don't think they have a batch operation to check those in bulk already instead of typing EVERY SINGLE ONE into the iPhone keyboard?  Come on!</p><p>You must be a basketball player, because that's quite a reach you have there.</p></htmltext>
<tokenext>I found an app designed for validating stolen credit cardsCome on , an app that simply validates credit cards and you can see NO VALID USE ? What if you are a merchant at at art festival collecting credit card numbers for payment and you use this just to validate a CC card you are being presented is good ? If you thought even a little about it , the app is terrible for hackers who deal with number lists running into hundreds of thousands of CC numbers .
You do n't think they have a batch operation to check those in bulk already instead of typing EVERY SINGLE ONE into the iPhone keyboard ?
Come on ! You must be a basketball player , because that 's quite a reach you have there .</tokentext>
<sentencetext>I found an app designed for validating stolen credit cardsCome on, an app that simply validates credit cards and you can see NO VALID USE?What if you are a merchant at at art festival collecting credit card numbers for payment and you use this just to validate a CC card you are being presented is good?If you thought even a little about it, the app is terrible for hackers who deal with number lists running into hundreds of thousands of CC numbers.
You don't think they have a batch operation to check those in bulk already instead of typing EVERY SINGLE ONE into the iPhone keyboard?
Come on!You must be a basketball player, because that's quite a reach you have there.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717958</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718960</id>
	<title>Re:Use an Outbound Firewall</title>
	<author>sootman</author>
	<datestamp>1263133200000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Yeah, and that's going to solve a very, <em>very</em> small batch of problems. Everyone could start doing this tomorrow, and then a malicious dev will write a get-a-free-LOLcat-wallpaper-every-day app and pwn half of the Android phones out there.</p></htmltext>
<tokenext>Yeah , and that 's going to solve a very , very small batch of problems .
Everyone could start doing this tomorrow , and then a malicious dev will write a get-a-free-LOLcat-wallpaper-every-day app and pwn half of the Android phones out there .</tokentext>
<sentencetext>Yeah, and that's going to solve a very, very small batch of problems.
Everyone could start doing this tomorrow, and then a malicious dev will write a get-a-free-LOLcat-wallpaper-every-day app and pwn half of the Android phones out there.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718856</id>
	<title>um...I tried to post this story last week</title>
	<author>stephen.schaubach</author>
	<datestamp>1263132000000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>http://slashdot.org/submission/1146708/mobile-phone-banking-apps-for-fun-and-profit?art\_pos=2<nobr> <wbr></nobr>...writes "While checking out Google's Android app store I searched for a banking app to use with my bank. I was surprised to see three mobile apps listed and none of them released from the bank itself. I cannot say what any of these apps are doing behind the scenes for sure but the mobile app could certainly swipe your credentials and connect you to the bank at the same time a lot more convincingly than any phishing site could. Is this the beginning of mobile app phishing? It's hard to believe nobody at the app store end is checking to see if the app has been legitimately released/signed from the actual bank it's representing. It makes me wonder what other apps are out there mining people's personal data, phishing, etc. and what can be done about this potential risk to safeguard the general public? Has anyone else run into similar situations? Anti-phishing software like Nokia's Free Anti-Phishing app or mobile Safari's similar feature wouldn't protect the mobile user from an application doing something in via code behind the scenes. Perhaps only a code walk-through or a legit certificate would remedy this situation. Any thoughts?"</p></htmltext>
<tokenext>http : //slashdot.org/submission/1146708/mobile-phone-banking-apps-for-fun-and-profit ? art \ _pos = 2 ...writes " While checking out Google 's Android app store I searched for a banking app to use with my bank .
I was surprised to see three mobile apps listed and none of them released from the bank itself .
I can not say what any of these apps are doing behind the scenes for sure but the mobile app could certainly swipe your credentials and connect you to the bank at the same time a lot more convincingly than any phishing site could .
Is this the beginning of mobile app phishing ?
It 's hard to believe nobody at the app store end is checking to see if the app has been legitimately released/signed from the actual bank it 's representing .
It makes me wonder what other apps are out there mining people 's personal data , phishing , etc .
and what can be done about this potential risk to safeguard the general public ?
Has anyone else run into similar situations ?
Anti-phishing software like Nokia 's Free Anti-Phishing app or mobile Safari 's similar feature would n't protect the mobile user from an application doing something in via code behind the scenes .
Perhaps only a code walk-through or a legit certificate would remedy this situation .
Any thoughts ?
"</tokentext>
<sentencetext>http://slashdot.org/submission/1146708/mobile-phone-banking-apps-for-fun-and-profit?art\_pos=2 ...writes "While checking out Google's Android app store I searched for a banking app to use with my bank.
I was surprised to see three mobile apps listed and none of them released from the bank itself.
I cannot say what any of these apps are doing behind the scenes for sure but the mobile app could certainly swipe your credentials and connect you to the bank at the same time a lot more convincingly than any phishing site could.
Is this the beginning of mobile app phishing?
It's hard to believe nobody at the app store end is checking to see if the app has been legitimately released/signed from the actual bank it's representing.
It makes me wonder what other apps are out there mining people's personal data, phishing, etc.
and what can be done about this potential risk to safeguard the general public?
Has anyone else run into similar situations?
Anti-phishing software like Nokia's Free Anti-Phishing app or mobile Safari's similar feature wouldn't protect the mobile user from an application doing something in via code behind the scenes.
Perhaps only a code walk-through or a legit certificate would remedy this situation.
Any thoughts?
"</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717812</id>
	<title>Congratulations, you've made it to the big time!</title>
	<author>Anonymous</author>
	<datestamp>1263123540000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext>It's Droid09 software... finally, the makers of Antivirus 2009 and AntiVir have taken their software writing talents to the Android platform! Download now.</htmltext>
<tokenext>It 's Droid09 software... finally , the makers of Antivirus 2009 and AntiVir have taken their software writing talents to the Android platform !
Download now .</tokentext>
<sentencetext>It's Droid09 software... finally, the makers of Antivirus 2009 and AntiVir have taken their software writing talents to the Android platform!
Download now.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719430</id>
	<title>Re:Apple's store ain't much better</title>
	<author>dangitman</author>
	<datestamp>1263139440000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>Basically, there's nothing in the app description or screenshots to suggest that the application, which uses only publicly available knowledge, violates any of the terms of Apple's app policy.</p></div><p>What about the "we may reject your application for any reason whatsoever" clause of Apple's policy?</p></div>
	</htmltext>
<tokenext>Basically , there 's nothing in the app description or screenshots to suggest that the application , which uses only publicly available knowledge , violates any of the terms of Apple 's app policy.What about the " we may reject your application for any reason whatsoever " clause of Apple 's policy ?</tokentext>
<sentencetext>Basically, there's nothing in the app description or screenshots to suggest that the application, which uses only publicly available knowledge, violates any of the terms of Apple's app policy.What about the "we may reject your application for any reason whatsoever" clause of Apple's policy?
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718348</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30733238</id>
	<title>Re:Congratulations, you've made it to the big time</title>
	<author>Laebshade</author>
	<datestamp>1263230220000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>"used to"?  It still is: <a href="http://www.free-av.com/en/products/1/avira\_antivir\_personal\_\_free\_antivirus.html" title="free-av.com">http://www.free-av.com/en/products/1/avira\_antivir\_personal\_\_free\_antivirus.html</a> [free-av.com] - and the premium version, clearly labeled, "Avira AntiVir Premium", is sold in the shop I work.</p></htmltext>
<tokenext>" used to " ?
It still is : http : //www.free-av.com/en/products/1/avira \ _antivir \ _personal \ _ \ _free \ _antivirus.html [ free-av.com ] - and the premium version , clearly labeled , " Avira AntiVir Premium " , is sold in the shop I work .</tokentext>
<sentencetext>"used to"?
It still is: http://www.free-av.com/en/products/1/avira\_antivir\_personal\_\_free\_antivirus.html [free-av.com] - and the premium version, clearly labeled, "Avira AntiVir Premium", is sold in the shop I work.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719228</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718398</id>
	<title>Re:Reserved words?</title>
	<author>Anonymous</author>
	<datestamp>1263127620000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Phishing may not be solved. Also, I can imagine multiple entities with the same name in different countries, etc. etc.</p></htmltext>
<tokenext>Phishing may not be solved .
Also , I can imagine multiple entities with the same name in different countries , etc .
etc .</tokentext>
<sentencetext>Phishing may not be solved.
Also, I can imagine multiple entities with the same name in different countries, etc.
etc.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718200</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718062</id>
	<title>Re:Use an Outbound Firewall</title>
	<author>mmurphy000</author>
	<datestamp>1263125280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>I wish this functionality was built into the OS, rather than having to do it manually (for example, a way to disallow internet access during installation)</p></div></blockquote><p>I'm sure you know this, but for other readers of your post -- just as there is a permission to read contacts and such, there is a permission apps have to request to gain access to the Internet. So, at install time, you can read through the list of requested permissions and take appropriate action. For example, I rarely install ones that ask for my contacts and for the Internet, even presumably reputable apps like the Evernote client.</p><p>What you can't do is later change your mind (other than to uninstall the app) or selectively grant permissions. Your iptables trick lets you change your mind on the Internet permission, in effect.</p></div>
	</htmltext>
<tokenext>I wish this functionality was built into the OS , rather than having to do it manually ( for example , a way to disallow internet access during installation ) I 'm sure you know this , but for other readers of your post -- just as there is a permission to read contacts and such , there is a permission apps have to request to gain access to the Internet .
So , at install time , you can read through the list of requested permissions and take appropriate action .
For example , I rarely install ones that ask for my contacts and for the Internet , even presumably reputable apps like the Evernote client.What you ca n't do is later change your mind ( other than to uninstall the app ) or selectively grant permissions .
Your iptables trick lets you change your mind on the Internet permission , in effect .</tokentext>
<sentencetext>I wish this functionality was built into the OS, rather than having to do it manually (for example, a way to disallow internet access during installation)I'm sure you know this, but for other readers of your post -- just as there is a permission to read contacts and such, there is a permission apps have to request to gain access to the Internet.
So, at install time, you can read through the list of requested permissions and take appropriate action.
For example, I rarely install ones that ask for my contacts and for the Internet, even presumably reputable apps like the Evernote client.What you can't do is later change your mind (other than to uninstall the app) or selectively grant permissions.
Your iptables trick lets you change your mind on the Internet permission, in effect.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718342</id>
	<title>Precedented</title>
	<author>pgn674</author>
	<datestamp>1263127140000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>It wouldn't be unprecedented, as the Internet has places like SnapFiles and CNET for multiple operating system verified-OK application download hosting.</htmltext>
<tokenext>It would n't be unprecedented , as the Internet has places like SnapFiles and CNET for multiple operating system verified-OK application download hosting .</tokentext>
<sentencetext>It wouldn't be unprecedented, as the Internet has places like SnapFiles and CNET for multiple operating system verified-OK application download hosting.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718464</id>
	<title>Boring</title>
	<author>ascari</author>
	<datestamp>1263128040000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>When I saw "android market" I had visions of Star wars and little Annikin. Turned out to be about some stupid phone. Yawn.</htmltext>
<tokenext>When I saw " android market " I had visions of Star wars and little Annikin .
Turned out to be about some stupid phone .
Yawn .</tokentext>
<sentencetext>When I saw "android market" I had visions of Star wars and little Annikin.
Turned out to be about some stupid phone.
Yawn.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718898</id>
	<title>Re:Separate passcode locked to a verified device</title>
	<author>LostCluster</author>
	<datestamp>1263132600000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>That prevents the problem of somebody bringing in a mobile device and claiming to be you... but doesn't stop you from giving your main password to a false app that asks for it.</p></htmltext>
<tokenext>That prevents the problem of somebody bringing in a mobile device and claiming to be you... but does n't stop you from giving your main password to a false app that asks for it .</tokentext>
<sentencetext>That prevents the problem of somebody bringing in a mobile device and claiming to be you... but doesn't stop you from giving your main password to a false app that asks for it.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718314</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718806</id>
	<title>My vetting process is simple. . .</title>
	<author>JSBiff</author>
	<datestamp>1263131520000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p>Why on Earth would you download a 'bank' app from anyone other than *YOUR BANK*? I'm only gonna do online banking from the website or apps provided to me directly from my bank. I'm not gonna download anything from the Android market, from some random user, and do banking with it. Who thinks that it's a good idea to do 'banking' with an app by a random developer? I mean, *maybe*, maybe if it was someone large and established, like IBM, Google, Microsoft, or Apple, I *might* consider using third party software, but certainly not anyone I've never heard of before.</p></htmltext>
<tokenext>Why on Earth would you download a 'bank ' app from anyone other than * YOUR BANK * ?
I 'm only gon na do online banking from the website or apps provided to me directly from my bank .
I 'm not gon na download anything from the Android market , from some random user , and do banking with it .
Who thinks that it 's a good idea to do 'banking ' with an app by a random developer ?
I mean , * maybe * , maybe if it was someone large and established , like IBM , Google , Microsoft , or Apple , I * might * consider using third party software , but certainly not anyone I 've never heard of before .</tokentext>
<sentencetext>Why on Earth would you download a 'bank' app from anyone other than *YOUR BANK*?
I'm only gonna do online banking from the website or apps provided to me directly from my bank.
I'm not gonna download anything from the Android market, from some random user, and do banking with it.
Who thinks that it's a good idea to do 'banking' with an app by a random developer?
I mean, *maybe*, maybe if it was someone large and established, like IBM, Google, Microsoft, or Apple, I *might* consider using third party software, but certainly not anyone I've never heard of before.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30722594</id>
	<title>well, duh!</title>
	<author>ThirdPrize</author>
	<datestamp>1263222780000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Has the last 20 years of computing taught us nothing?</p></htmltext>
<tokenext>Has the last 20 years of computing taught us nothing ?</tokentext>
<sentencetext>Has the last 20 years of computing taught us nothing?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718038</id>
	<title>Re:An iPhone-like process?</title>
	<author>Anonymous</author>
	<datestamp>1263125160000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>4</modscore>
	<htmltext><p><div class="quote"><p>An iPhone-like vetting process would be "we'll reject it if we don't like the look of it". How about "Linux-distro style vetting process"?</p></div><p>Multiple repositories solve part of the problem, but more then just vetting the repository as a whole we need to score/rank/blacklist/require individual applications and authors. What friends think of an application is much more important than the "average" score of everyone. IT departments need to add/update/remove applications for workers phones, but also let the end user manage applications. Ban lists need to be available in a form that lets the end user (or their tech. support) decide what to trust.
<br> <br>
It's amazing that such a big industry has such crappy tools to manage applications. Making things "just work" for the end user does not need to mean a monopoly or tyrant controlling the (only) store.</p></div>
	</htmltext>
<tokenext>An iPhone-like vetting process would be " we 'll reject it if we do n't like the look of it " .
How about " Linux-distro style vetting process " ? Multiple repositories solve part of the problem , but more then just vetting the repository as a whole we need to score/rank/blacklist/require individual applications and authors .
What friends think of an application is much more important than the " average " score of everyone .
IT departments need to add/update/remove applications for workers phones , but also let the end user manage applications .
Ban lists need to be available in a form that lets the end user ( or their tech .
support ) decide what to trust .
It 's amazing that such a big industry has such crappy tools to manage applications .
Making things " just work " for the end user does not need to mean a monopoly or tyrant controlling the ( only ) store .</tokentext>
<sentencetext>An iPhone-like vetting process would be "we'll reject it if we don't like the look of it".
How about "Linux-distro style vetting process"?Multiple repositories solve part of the problem, but more then just vetting the repository as a whole we need to score/rank/blacklist/require individual applications and authors.
What friends think of an application is much more important than the "average" score of everyone.
IT departments need to add/update/remove applications for workers phones, but also let the end user manage applications.
Ban lists need to be available in a form that lets the end user (or their tech.
support) decide what to trust.
It's amazing that such a big industry has such crappy tools to manage applications.
Making things "just work" for the end user does not need to mean a monopoly or tyrant controlling the (only) store.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717874</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30725436</id>
	<title>Re:Check for the signed label!</title>
	<author>ceoyoyo</author>
	<datestamp>1263235560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Grabbing information you shouldn't have on the iPhone is likely going to require using restricted SDKs.  Apps on the iPhone OS are quite well sandboxed.  iPhone apps can definitely NOT poke around other apps' data, nor the system.</p></htmltext>
<tokenext>Grabbing information you should n't have on the iPhone is likely going to require using restricted SDKs .
Apps on the iPhone OS are quite well sandboxed .
iPhone apps can definitely NOT poke around other apps ' data , nor the system .</tokentext>
<sentencetext>Grabbing information you shouldn't have on the iPhone is likely going to require using restricted SDKs.
Apps on the iPhone OS are quite well sandboxed.
iPhone apps can definitely NOT poke around other apps' data, nor the system.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718214</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717966</id>
	<title>Re:An iPhone-like process?</title>
	<author>LostCluster</author>
	<datestamp>1263124620000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p>iPhone's vetting process has a "AT&amp;T doesn't like it, so Apple will deny" clause that the jailbreak stores don't. Apple then claims that jailbroken apps could be trojans that will overload AT&amp;T's network.</p><p>Google seems to be taking a "we'll do what we want and carriers can't stop us" attitude. Good luck with that.</p></htmltext>
<tokenext>iPhone 's vetting process has a " AT&amp;T does n't like it , so Apple will deny " clause that the jailbreak stores do n't .
Apple then claims that jailbroken apps could be trojans that will overload AT&amp;T 's network.Google seems to be taking a " we 'll do what we want and carriers ca n't stop us " attitude .
Good luck with that .</tokentext>
<sentencetext>iPhone's vetting process has a "AT&amp;T doesn't like it, so Apple will deny" clause that the jailbreak stores don't.
Apple then claims that jailbroken apps could be trojans that will overload AT&amp;T's network.Google seems to be taking a "we'll do what we want and carriers can't stop us" attitude.
Good luck with that.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717874</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718130</id>
	<title>Re:Use an Outbound Firewall</title>
	<author>Anonymous</author>
	<datestamp>1263125640000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>1</modscore>
	<htmltext><p>One caveat:  Droidwall doesn't work on Android devices which don't have iptables, such as the CLIQ, DEXT, or others.  So, if you don't have an HTC phone, don't bother with this app until the handset maker pushes out 2.1, or until your favorite rom cooker bakes the iptables/ipchains functionality in.</p></htmltext>
<tokenext>One caveat : Droidwall does n't work on Android devices which do n't have iptables , such as the CLIQ , DEXT , or others .
So , if you do n't have an HTC phone , do n't bother with this app until the handset maker pushes out 2.1 , or until your favorite rom cooker bakes the iptables/ipchains functionality in .</tokentext>
<sentencetext>One caveat:  Droidwall doesn't work on Android devices which don't have iptables, such as the CLIQ, DEXT, or others.
So, if you don't have an HTC phone, don't bother with this app until the handset maker pushes out 2.1, or until your favorite rom cooker bakes the iptables/ipchains functionality in.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718084</id>
	<title>Re:Check for the signed label!</title>
	<author>sznupi</author>
	<datestamp>1263125460000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>3</modscore>
	<htmltext><p>This is why we can't have nice things.</p><p>And I'm sure US cellphone carriers can't wait for more malicious apps.</p></htmltext>
<tokenext>This is why we ca n't have nice things.And I 'm sure US cellphone carriers ca n't wait for more malicious apps .</tokentext>
<sentencetext>This is why we can't have nice things.And I'm sure US cellphone carriers can't wait for more malicious apps.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717830</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718314</id>
	<title>Separate passcode locked to a verified device</title>
	<author>Anonymous</author>
	<datestamp>1263126960000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>4</modscore>
	<htmltext>One of the things my bank does for their mobile banking application (which is contracted out to another company) is to give you a special code that is akin to a extra "mobile password." You get this code from the bank's website after putting in your mobile phone number. You then must enter it on your phone and "activate" that phone to access your account.  At any time also, you can go into the website and "deactivate" the device.  At no time do you ever enter your banking login details into your phone, only this special code which is tied to you phone number, mobile OS, and carrier (that you can deactivate at any time) is entered into your phone.

<br> <br>
It's not perfect security, but it certainly puts up a few more decent hurdles against phishing.</htmltext>
<tokenext>One of the things my bank does for their mobile banking application ( which is contracted out to another company ) is to give you a special code that is akin to a extra " mobile password .
" You get this code from the bank 's website after putting in your mobile phone number .
You then must enter it on your phone and " activate " that phone to access your account .
At any time also , you can go into the website and " deactivate " the device .
At no time do you ever enter your banking login details into your phone , only this special code which is tied to you phone number , mobile OS , and carrier ( that you can deactivate at any time ) is entered into your phone .
It 's not perfect security , but it certainly puts up a few more decent hurdles against phishing .</tokentext>
<sentencetext>One of the things my bank does for their mobile banking application (which is contracted out to another company) is to give you a special code that is akin to a extra "mobile password.
" You get this code from the bank's website after putting in your mobile phone number.
You then must enter it on your phone and "activate" that phone to access your account.
At any time also, you can go into the website and "deactivate" the device.
At no time do you ever enter your banking login details into your phone, only this special code which is tied to you phone number, mobile OS, and carrier (that you can deactivate at any time) is entered into your phone.
It's not perfect security, but it certainly puts up a few more decent hurdles against phishing.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718046</id>
	<title>Re:An iPhone-like process?</title>
	<author>QuantumG</author>
	<datestamp>1263125220000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>No, the iPhone vetting process is unashamedly "that competes with us, denied!"</p></htmltext>
<tokenext>No , the iPhone vetting process is unashamedly " that competes with us , denied !
"</tokentext>
<sentencetext>No, the iPhone vetting process is unashamedly "that competes with us, denied!
"</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717874</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719012</id>
	<title>Re:An iPhone-like process?</title>
	<author>The End Of Days</author>
	<datestamp>1263133740000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>What's that, make sure there aren't any users so malware writers don't bother targeting you?</p><p>I am almost kidding....</p></htmltext>
<tokenext>What 's that , make sure there are n't any users so malware writers do n't bother targeting you ? I am almost kidding... .</tokentext>
<sentencetext>What's that, make sure there aren't any users so malware writers don't bother targeting you?I am almost kidding....</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717874</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858</id>
	<title>Use an Outbound Firewall</title>
	<author>slifox</author>
	<datestamp>1263123840000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>5</modscore>
	<htmltext>One great app I use is DroidWall, which is a simple GUI for iptables. <br>
I set the default outbound policy to DROP, then specifically whitelist the apps that should reasonably have access to the internet.
<br> <br>
Since Android apps have to specifically declare the privileges they require before installation (such as ability to read contact data, internet access, etc), then it's easy to make sure that all apps that read personal data are not whitelisted, unless they come from a reputable developer (e.g. Google-made apps). Any app that can read my contacts data, my calendar, my email, etc, is sure as hell not getting internet access for "usage statistics" or whatever other lame excuse they give.
<br> <br>
I wish this functionality was built into the OS, rather than having to do it manually (for example, a way to disallow internet access during installation) -- but at least it's doable on Android. I don't think any other phone platforms give this level of permission separation or control. I'm not so sure that app review would really fix the overall problem; it might catch the obviously-malicious phishing apps like in this story, but I bet that the app auditors' opinion on what is a privacy violation differs greatly from my own.
<br> <br>
I still wouldn't use my banking info on my phone regardless, since a phone is so easily losable, and locking/unlocking the data everytime with a secure passphrase would probably be too inconvenient. At very most, I would only allow read access to transactions from my phone (if banks offered this), thereby limiting the amount of useful information or control a would-be attacker could gain from compromising my phone.</htmltext>
<tokenext>One great app I use is DroidWall , which is a simple GUI for iptables .
I set the default outbound policy to DROP , then specifically whitelist the apps that should reasonably have access to the internet .
Since Android apps have to specifically declare the privileges they require before installation ( such as ability to read contact data , internet access , etc ) , then it 's easy to make sure that all apps that read personal data are not whitelisted , unless they come from a reputable developer ( e.g .
Google-made apps ) .
Any app that can read my contacts data , my calendar , my email , etc , is sure as hell not getting internet access for " usage statistics " or whatever other lame excuse they give .
I wish this functionality was built into the OS , rather than having to do it manually ( for example , a way to disallow internet access during installation ) -- but at least it 's doable on Android .
I do n't think any other phone platforms give this level of permission separation or control .
I 'm not so sure that app review would really fix the overall problem ; it might catch the obviously-malicious phishing apps like in this story , but I bet that the app auditors ' opinion on what is a privacy violation differs greatly from my own .
I still would n't use my banking info on my phone regardless , since a phone is so easily losable , and locking/unlocking the data everytime with a secure passphrase would probably be too inconvenient .
At very most , I would only allow read access to transactions from my phone ( if banks offered this ) , thereby limiting the amount of useful information or control a would-be attacker could gain from compromising my phone .</tokentext>
<sentencetext>One great app I use is DroidWall, which is a simple GUI for iptables.
I set the default outbound policy to DROP, then specifically whitelist the apps that should reasonably have access to the internet.
Since Android apps have to specifically declare the privileges they require before installation (such as ability to read contact data, internet access, etc), then it's easy to make sure that all apps that read personal data are not whitelisted, unless they come from a reputable developer (e.g.
Google-made apps).
Any app that can read my contacts data, my calendar, my email, etc, is sure as hell not getting internet access for "usage statistics" or whatever other lame excuse they give.
I wish this functionality was built into the OS, rather than having to do it manually (for example, a way to disallow internet access during installation) -- but at least it's doable on Android.
I don't think any other phone platforms give this level of permission separation or control.
I'm not so sure that app review would really fix the overall problem; it might catch the obviously-malicious phishing apps like in this story, but I bet that the app auditors' opinion on what is a privacy violation differs greatly from my own.
I still wouldn't use my banking info on my phone regardless, since a phone is so easily losable, and locking/unlocking the data everytime with a secure passphrase would probably be too inconvenient.
At very most, I would only allow read access to transactions from my phone (if banks offered this), thereby limiting the amount of useful information or control a would-be attacker could gain from compromising my phone.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30725524</id>
	<title>Re:Use an Outbound Firewall</title>
	<author>Anonymous</author>
	<datestamp>1263235980000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I did a quick search for DroidWall on the market and two things stood out to me. First, it only blocks cellular internet. Wifi is still wide open. Second, it requires you root your phone.</p><p>I've noticed a lot of people have developed this mentality that you should assume everyones phone is rooted/jail broken then discuss usage of the thing as if that's the case. I'm fully capable of rooting my phone, but I don't want to. It's a damn hassle, and I just want to use the thing.</p><p>So no, DroidWall is not an appropriate solution for the issue this article is about. Not even close.</p></htmltext>
<tokenext>I did a quick search for DroidWall on the market and two things stood out to me .
First , it only blocks cellular internet .
Wifi is still wide open .
Second , it requires you root your phone.I 've noticed a lot of people have developed this mentality that you should assume everyones phone is rooted/jail broken then discuss usage of the thing as if that 's the case .
I 'm fully capable of rooting my phone , but I do n't want to .
It 's a damn hassle , and I just want to use the thing.So no , DroidWall is not an appropriate solution for the issue this article is about .
Not even close .</tokentext>
<sentencetext>I did a quick search for DroidWall on the market and two things stood out to me.
First, it only blocks cellular internet.
Wifi is still wide open.
Second, it requires you root your phone.I've noticed a lot of people have developed this mentality that you should assume everyones phone is rooted/jail broken then discuss usage of the thing as if that's the case.
I'm fully capable of rooting my phone, but I don't want to.
It's a damn hassle, and I just want to use the thing.So no, DroidWall is not an appropriate solution for the issue this article is about.
Not even close.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30722368</id>
	<title>Re:My vetting process is simple. . .</title>
	<author>joost</author>
	<datestamp>1263221820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Exactly! There's a one-person shop who does a banking app for our local banks, but there is no way on earth I will use his app to connect to my bank. Who knows what he is doing to simulate a login. It's sad though that my own bank does not offer an app to check your account. So the demand is filled by some third party where it should have been filled by my bank instead. When you think about it, the banks are partly responsible for hacked accounts via this third party, since they do not offer an app themselves.</p></htmltext>
<tokenext>Exactly !
There 's a one-person shop who does a banking app for our local banks , but there is no way on earth I will use his app to connect to my bank .
Who knows what he is doing to simulate a login .
It 's sad though that my own bank does not offer an app to check your account .
So the demand is filled by some third party where it should have been filled by my bank instead .
When you think about it , the banks are partly responsible for hacked accounts via this third party , since they do not offer an app themselves .</tokentext>
<sentencetext>Exactly!
There's a one-person shop who does a banking app for our local banks, but there is no way on earth I will use his app to connect to my bank.
Who knows what he is doing to simulate a login.
It's sad though that my own bank does not offer an app to check your account.
So the demand is filled by some third party where it should have been filled by my bank instead.
When you think about it, the banks are partly responsible for hacked accounts via this third party, since they do not offer an app themselves.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718806</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30731892</id>
	<title>Re:Use an Outbound Firewall</title>
	<author>slifox</author>
	<datestamp>1263219600000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>You must've misread or looked at the wrong app -- DroidWall works on both 2G/3G (cellular internet) AND WiFi.
<br> <br>
<a href="http://code.google.com/p/droidwall/" title="google.com">http://code.google.com/p/droidwall/</a> [google.com]
<br>
For quick proof, look at the screenshot on that site; at the very top there is a network interface selection that shows that the cellular and the wifi connections are selected.
<br> <br>
My phone came rooted, since it's an ADP (Android Developer Phone) that I own (not leased/subsidized from a phone company), so for me it was absolutely no hassle. If DroidWall helps any other ADP users, or any users who decided to root their phone, then it's a win (I never said it would help everyone). Who knows, after looking into it, a non-rooted user may decide that it's worth the hassle to root their phone. In any case, there are no downsides to pointing out this solution, and plenty of downsides to not mentioning it at all.
<br> <br>
Anyways, my general solution was at the bottom of my post, and it IS an appropriate solution for ANY user:<p><div class="quote"><p>I still wouldn't use my banking info on my phone regardless, since a phone is so easily losable, and locking/unlocking the data everytime with a secure passphrase would probably be too inconvenient.</p></div></div>
	</htmltext>
<tokenext>You must 've misread or looked at the wrong app -- DroidWall works on both 2G/3G ( cellular internet ) AND WiFi .
http : //code.google.com/p/droidwall/ [ google.com ] For quick proof , look at the screenshot on that site ; at the very top there is a network interface selection that shows that the cellular and the wifi connections are selected .
My phone came rooted , since it 's an ADP ( Android Developer Phone ) that I own ( not leased/subsidized from a phone company ) , so for me it was absolutely no hassle .
If DroidWall helps any other ADP users , or any users who decided to root their phone , then it 's a win ( I never said it would help everyone ) .
Who knows , after looking into it , a non-rooted user may decide that it 's worth the hassle to root their phone .
In any case , there are no downsides to pointing out this solution , and plenty of downsides to not mentioning it at all .
Anyways , my general solution was at the bottom of my post , and it IS an appropriate solution for ANY user : I still would n't use my banking info on my phone regardless , since a phone is so easily losable , and locking/unlocking the data everytime with a secure passphrase would probably be too inconvenient .</tokentext>
<sentencetext>You must've misread or looked at the wrong app -- DroidWall works on both 2G/3G (cellular internet) AND WiFi.
http://code.google.com/p/droidwall/ [google.com]

For quick proof, look at the screenshot on that site; at the very top there is a network interface selection that shows that the cellular and the wifi connections are selected.
My phone came rooted, since it's an ADP (Android Developer Phone) that I own (not leased/subsidized from a phone company), so for me it was absolutely no hassle.
If DroidWall helps any other ADP users, or any users who decided to root their phone, then it's a win (I never said it would help everyone).
Who knows, after looking into it, a non-rooted user may decide that it's worth the hassle to root their phone.
In any case, there are no downsides to pointing out this solution, and plenty of downsides to not mentioning it at all.
Anyways, my general solution was at the bottom of my post, and it IS an appropriate solution for ANY user:I still wouldn't use my banking info on my phone regardless, since a phone is so easily losable, and locking/unlocking the data everytime with a secure passphrase would probably be too inconvenient.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30725524</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720912</id>
	<title>Re:My vetting process is simple. . .</title>
	<author>Anonymous</author>
	<datestamp>1263203580000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>What's "your bank" in the Android Store?  It doesn't sound like there is any sort of vetting process for apps in Android -- the user "droid09" could have easily called himself "BofA Coder For Reals" employed by BofA.</p></htmltext>
<tokenext>What 's " your bank " in the Android Store ?
It does n't sound like there is any sort of vetting process for apps in Android -- the user " droid09 " could have easily called himself " BofA Coder For Reals " employed by BofA .</tokentext>
<sentencetext>What's "your bank" in the Android Store?
It doesn't sound like there is any sort of vetting process for apps in Android -- the user "droid09" could have easily called himself "BofA Coder For Reals" employed by BofA.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718806</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719594</id>
	<title>Mod Parent Up</title>
	<author>forand</author>
	<datestamp>1263141420000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Could not agree with you more in the overall scheme of things. If I could 'friend' people and accept their average judgements' on the the legitimacy and quality of an App it would be of great worth to me. Even with old PCs it was difficult to find quality software behind the countless crappy products.  gdgt.com should add the ability to rate Apps and provide API access to 'friends'</htmltext>
<tokenext>Could not agree with you more in the overall scheme of things .
If I could 'friend ' people and accept their average judgements ' on the the legitimacy and quality of an App it would be of great worth to me .
Even with old PCs it was difficult to find quality software behind the countless crappy products .
gdgt.com should add the ability to rate Apps and provide API access to 'friends'</tokentext>
<sentencetext>Could not agree with you more in the overall scheme of things.
If I could 'friend' people and accept their average judgements' on the the legitimacy and quality of an App it would be of great worth to me.
Even with old PCs it was difficult to find quality software behind the countless crappy products.
gdgt.com should add the ability to rate Apps and provide API access to 'friends'</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718038</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720080</id>
	<title>low tech</title>
	<author>Anonymous</author>
	<datestamp>1263147300000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I'd settle for a feature in Applications &gt; Manage Applications that allowed me to search for apps created by Droid09</p></htmltext>
<tokenext>I 'd settle for a feature in Applications &gt; Manage Applications that allowed me to search for apps created by Droid09</tokentext>
<sentencetext>I'd settle for a feature in Applications &gt; Manage Applications that allowed me to search for apps created by Droid09</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719384</id>
	<title>Yea, Welcome to iPhone</title>
	<author>Anonymous</author>
	<datestamp>1263138480000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>fuck you android lamers.  this is why apple created a vetting process.  welcome to the real world.</p></htmltext>
<tokenext>fuck you android lamers .
this is why apple created a vetting process .
welcome to the real world .</tokentext>
<sentencetext>fuck you android lamers.
this is why apple created a vetting process.
welcome to the real world.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720638</id>
	<title>Re:Check for the signed label!</title>
	<author>mjwx</author>
	<datestamp>1263241920000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext>Yes, applications like this already exist for the iphone, there are several that have been caught harvesting contact details already.<blockquote><div><p>Now, it might be easier to Apple to be able to trace where exactly the app came from than it is for Google...</p></div></blockquote><p>

Not really, if a person is organised enough to make and release this application, they are organised enough to defeat basic tracking. Apple wont have any more information on the attacker then google via their developer programs, pretty much all they'll have is an IP address of where an application was uploaded (defeated by proxies) and a credit card number (defeated by a foreign bank account), all details can be faked.<br> <br>

This is unless Apple has some spying program with their SDK, which of course is illegal.</p></div>
	</htmltext>
<tokenext>Yes , applications like this already exist for the iphone , there are several that have been caught harvesting contact details already.Now , it might be easier to Apple to be able to trace where exactly the app came from than it is for Google.. . Not really , if a person is organised enough to make and release this application , they are organised enough to defeat basic tracking .
Apple wont have any more information on the attacker then google via their developer programs , pretty much all they 'll have is an IP address of where an application was uploaded ( defeated by proxies ) and a credit card number ( defeated by a foreign bank account ) , all details can be faked .
This is unless Apple has some spying program with their SDK , which of course is illegal .</tokentext>
<sentencetext>Yes, applications like this already exist for the iphone, there are several that have been caught harvesting contact details already.Now, it might be easier to Apple to be able to trace where exactly the app came from than it is for Google...

Not really, if a person is organised enough to make and release this application, they are organised enough to defeat basic tracking.
Apple wont have any more information on the attacker then google via their developer programs, pretty much all they'll have is an IP address of where an application was uploaded (defeated by proxies) and a credit card number (defeated by a foreign bank account), all details can be faked.
This is unless Apple has some spying program with their SDK, which of course is illegal.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718214</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30735730</id>
	<title>Re:Check for the signed label!</title>
	<author>Ardisson</author>
	<datestamp>1263303900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>iPhone apps can definitely NOT poke around other apps' data, nor the system.</p></div><p>Yes, they can!

<a href="http://seriot.ch/resources/talks\_papers/iPhonePrivacy.pdf" title="seriot.ch" rel="nofollow">http://seriot.ch/resources/talks\_papers/iPhonePrivacy.pdf</a> [seriot.ch]</p></div>
	</htmltext>
<tokenext>iPhone apps can definitely NOT poke around other apps ' data , nor the system.Yes , they can !
http : //seriot.ch/resources/talks \ _papers/iPhonePrivacy.pdf [ seriot.ch ]</tokentext>
<sentencetext>iPhone apps can definitely NOT poke around other apps' data, nor the system.Yes, they can!
http://seriot.ch/resources/talks\_papers/iPhonePrivacy.pdf [seriot.ch]
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30725436</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720376</id>
	<title>Is this itself a scam?</title>
	<author>ibsteve2u</author>
	<datestamp>1263151620000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>3</modscore>
	<htmltext><p>I note that searches of Secunia, SANS.org, and CERT don't return any mention of it, which is curious given that the...alert...began spreading on or about the 3rd of December, 2009 according to a <a href="http://www.google.com/search?hl=en&amp;client=firefox-a&amp;rlz=1R1GGGL\_en\_\_\_US358&amp;tbo=1&amp;newwindow=1&amp;tbs=qdr:y,sbd:1&amp;q=droid09&amp;start=140&amp;sa=N" title="google.com">date-sorted Google search (who is Jeremy Allexon?)</a> [google.com].  Said search likewise fails to turn up any sources which I would call "authoritative".</p><p>Given the nature of corporate competition...</p></htmltext>
<tokenext>I note that searches of Secunia , SANS.org , and CERT do n't return any mention of it , which is curious given that the...alert...began spreading on or about the 3rd of December , 2009 according to a date-sorted Google search ( who is Jeremy Allexon ?
) [ google.com ] .
Said search likewise fails to turn up any sources which I would call " authoritative " .Given the nature of corporate competition.. .</tokentext>
<sentencetext>I note that searches of Secunia, SANS.org, and CERT don't return any mention of it, which is curious given that the...alert...began spreading on or about the 3rd of December, 2009 according to a date-sorted Google search (who is Jeremy Allexon?
) [google.com].
Said search likewise fails to turn up any sources which I would call "authoritative".Given the nature of corporate competition...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719080</id>
	<title>Re:An iPhone-like process?</title>
	<author>Anonymous</author>
	<datestamp>1263134760000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>Multiple repositories solve part of the problem, but more then just vetting the repository as a whole we need to score/rank/blacklist/require individual applications and authors. What friends think of an application is much more important than the "average" score of everyone</p></div><p>If only Android's app Market had some kind of star-based user rating system and allowed user comments that are displayed to you when you go to download an app.</p><p>That would be sweet.</p><p>Oh, wait.  No, that's <b>exactly how it already works</b>.</p></div>
	</htmltext>
<tokenext>Multiple repositories solve part of the problem , but more then just vetting the repository as a whole we need to score/rank/blacklist/require individual applications and authors .
What friends think of an application is much more important than the " average " score of everyoneIf only Android 's app Market had some kind of star-based user rating system and allowed user comments that are displayed to you when you go to download an app.That would be sweet.Oh , wait .
No , that 's exactly how it already works .</tokentext>
<sentencetext>Multiple repositories solve part of the problem, but more then just vetting the repository as a whole we need to score/rank/blacklist/require individual applications and authors.
What friends think of an application is much more important than the "average" score of everyoneIf only Android's app Market had some kind of star-based user rating system and allowed user comments that are displayed to you when you go to download an app.That would be sweet.Oh, wait.
No, that's exactly how it already works.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718038</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30721006</id>
	<title>Move along, nothing to see</title>
	<author>Anonymous</author>
	<datestamp>1263204900000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>"Might we see the emergence of a marketplace distinguished by an iPhone-like app vetting process?" Let's hope not. The best thing about Android is that you don't have to wait 876576532457865412347 gazillion weeks for some hired student rejecting your app and sending you a rejection email that doesn't even get the name of your app right.</p></htmltext>
<tokenext>" Might we see the emergence of a marketplace distinguished by an iPhone-like app vetting process ?
" Let 's hope not .
The best thing about Android is that you do n't have to wait 876576532457865412347 gazillion weeks for some hired student rejecting your app and sending you a rejection email that does n't even get the name of your app right .</tokentext>
<sentencetext>"Might we see the emergence of a marketplace distinguished by an iPhone-like app vetting process?
" Let's hope not.
The best thing about Android is that you don't have to wait 876576532457865412347 gazillion weeks for some hired student rejecting your app and sending you a rejection email that doesn't even get the name of your app right.</sentencetext>
</comment>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718344
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717874
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720312
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718130
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30731892
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30725524
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718808
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_22</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719430
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718348
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717958
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719446
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717966
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717874
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_26</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30724872
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_20</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30733238
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719228
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717812
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_24</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720912
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718806
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_29</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719594
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718038
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717874
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_23</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30726588
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720184
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718214
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717830
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30724288
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718150
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717830
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_27</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30724756
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_21</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718398
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718200
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30724740
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718348
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717958
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_28</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30722368
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718806
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719894
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718214
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717830
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_25</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718898
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718314
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_30</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719012
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717874
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30735730
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30725436
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718214
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717830
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718046
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717874
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718378
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719898
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717966
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717874
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_31</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719080
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718038
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717874
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719760
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718150
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717830
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718084
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717830
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720256
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717958
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718204
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720638
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718214
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717830
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718960
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718062
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_01_10_2036222_14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718822
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717966
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717874
</commentlist>
</thread>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_10_2036222.8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718342
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_10_2036222.2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717830
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718150
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30724288
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719760
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718214
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720184
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30726588
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720638
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30725436
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30735730
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719894
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718084
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_10_2036222.0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720080
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_10_2036222.14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719292
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_10_2036222.9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718856
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_10_2036222.3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717858
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30724756
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718130
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720312
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718808
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30724872
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718204
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718062
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30725524
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30731892
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718960
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718378
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_10_2036222.1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718788
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_10_2036222.6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719384
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_10_2036222.4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718200
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718398
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_10_2036222.7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717874
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717966
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719898
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718822
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719446
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718046
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719012
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718344
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718038
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719594
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719080
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_10_2036222.5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717958
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720256
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718348
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30724740
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719430
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_10_2036222.13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717812
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719228
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30733238
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_10_2036222.11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30719066
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_10_2036222.15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718314
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718898
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_10_2036222.12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30717914
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_01_10_2036222.10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30718806
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30722368
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_01_10_2036222.30720912
</commentlist>
</conversation>
