Timeglass Countdown Timer & Interval Timers 1.1.4 (iOS / App Store)

175x175bb (35)

This application is available for iOS. This app is designed to be a fitness timer. The latest build was released on Nov 15, 2016. Our latest check was performed on Oct 7th, 2016.

Findings Summary

Our examination revealed total 7 items, where were 5 DAR items and 2 DIT items found. Among DAR items were found 0 worst items, 4 bad items, 1 good item, and 0 best items. Among DIT items were found 0 worst items, 1 bad item, 1 good item, and 0 best items.

Below you find 2 infographics summarizing what we described above. Each image provides information about both DAR and DIT items.

 

This slideshow requires JavaScript.


Everything presented below is related to well-known CWEs, such as Sensitive data leakage [CWE-200], Unsafe sensitive data storage [CWE-312], Unsafe sensitive data transmission [CWE-319]. You can read more about it here.

Now let’s go deeper and examine each data item’s protection level.

 

Application Description

Let’s cite the description of this application below:

Timeglass has everything you need to time exercise, cooking, and your daily routines. Timeglass gives you:

  • Many timers, side by side – Create reusable timers and run them side by side. Maybe you want to do a workout while timing a roast in the oven. No problem! Timeglass has you covered.
  • Multi-stepped timers – Timers can have multiple steps, where each step has its own duration. This is great for workout routines and cooking.
  • Spoken timers – Want to know what’s up next without looking at your phone? Timeglass will talk you through your stepped timers so you can stay focused on whatever you’re doing.
  • Timer widget – Start and view your timers from any widget screen, or from 3D Touching the app icon on iOS 10. You can even use this to see your timers while your phone is locked.
  • Pre-built timers – A library of forty timers to choose from, covering fitness, home & lifestyle, productivity, relaxation, and cooking.
  • Lots more awesome stuff – Like stopwatches, repeating alerts, beautiful tones & icons for your timers, plus five themes to choose from.

A few users are experiencing problems with notifications in iOS 10. We’re sorry about this, and hope Apple’s next update resolves this. Until then, installing Timeglass may help – Unfortunately this one is out of our hands.

 

Protection levels.

Locally stored data (Data-at-Rest, DAR).

Locally stored data groups include Media Information, Application Information, Log Information, Analytics ‘n’ Ads Information.
The average DAR value is 4.10 points (7.00 points of system protection and 1.20 points of own protection). It is higher than a typical value (3.5 points, where’s 7 points of system protection and 0 points of own protection).

Items’ GROUP #1 with average value 6.50 points (7 points of system protection, 6 points of own protection) means data protection levels have following definitions. Frankly talking, protection and privacy issues are still possible but might involve interaction with an app code where system protection level means – root/jailbreak is required but not possible without wiping device data, and own protection level means – data is not available in backups.

– Screen Snapshots (‘Media Information’ Group) – Screenshots of your device screen running certain apps; common as an iOS app multitasking feature (app swipes) or browser tab swipes. This data item related to mentioned group meant to be any data like photo, image, video, audio

Items’ GROUP #2 with average value 3.50 points (7 points of system protection, 0 points of own protection) means data protection levels have following definitions. Frankly talking, extra data found that shouldn’t be accessed where system protection level means – root/jailbreak is required but not possible without wiping device data, and own protection level means – stored as is.

– Application Events (‘Application Information’ Group) – App events referred to user actions ‘n’ activities were done. This data item related to mentioned group meant to be any info related to the app, app settings, including installed apps or installers,

– Application Configs (‘Application Information’ Group) – Different configuration files created by your app, perhaps app permissions. This data item related to mentioned group meant to be any info related to the app, app settings, including installed apps or installers,

– Calendar Events (‘Log Information’ Group) – Some info about calendar events like date and time and calendar body. This data item related to mentioned group meant to be any information stored in local or network logs,

– Device Data (‘Analytics ‘n’ Ads Information’ Group) – Device ID, Device Name, Device OS Name and Version, and jailbroken/root status. This data item related to mentioned group meant to be any info related to analytics services like Flurry, Google Analytics, etc. or advertisements

Also, keep in mind, using jailbroken device means the system protection level is 0 points and you’re using out-of-date iOS < 8.3 the system protection level is 2 points. If some data marked as shareable via iTunes, then the system protection level is 4 points.

Transferred data (Data-in-Transit, DIT).

Transferred data groups include Analytics ‘n’ Ads Information, Payment ‘n’ Transaction Information.
The average DIT value is 5.00 points (5.00 points of system protection and 5.00 points of own protection). It is higher than a typical value (4 points, where’s 4 points of system protection and 4 points of own protection).

Items’ GROUP #1 with average value 4.50 points (5 points of system protection, 4 points of own protection) means data protection levels have following definitions. Frankly talking, data available if it’s allowed only and may require user action where system protection level means – some techniques are available to developers to keep connection bypassing system settings, like proxy settings, etc., and own protection level means – bypassed by fake/stolen root certificates.

– Device Data (‘Analytics ‘n’ Ads Information’ Group) – Device ID, Device Name, Device OS Name and Version, and jailbroken/root status. This data item related to mentioned group meant to be any info related to analytics services like Flurry, Google Analytics, etc. or advertisements

Items’ GROUP #2 with average value 5.50 points (5 points of system protection, 6 points of own protection) means data protection levels have following definitions. Frankly talking, data is not available all the time or partially accessed where system protection level means – some techniques are available to developers to keep connection bypassing system settings, like proxy settings, etc., and own protection level means – SSL pinning (can be patched).

– In-App Payment (‘Payment ‘n’ Transaction Information’ Group) – Data related to in-app payment via market store. This data item related to mentioned group meant to be details about transactions and payment data involved into transaction records

Keep in mind if you’re using out-of-date iOS < 9.0, the system level equals 2 points instead of 4. It means your data can be stolen without involving your actions.

Privacy Policy

No Privacy Policy is available for this application.