[adrinavarro]

This seems related to Motorola's MOTOBLUR system: http://en.wikipedia.org/wiki/Motoblur

In all fairness, it seems that the implementation uses a middle server (pretty common in big companies where good engineering isn't a requirement) where log in data is sent, is stored in the users' profile and where timelines and other content is parsed before being sent back to the user's device, in a "dumb" format that the BLUR system can understand.

Nokia has a bit of the same for their low-end phones (understandably) and BlackBerry used to do much of the same. Yet, in those days, and in an Android phone that can easily connect to social networks on its own, this seems like a very unfortunate techncial decision.

In other words: the official Gmail app, Twitter or Facebook apps are unlikely to be "compromised".

[speeder]

A post now on HN from a forum argument of Jan 2012 has a employee stating that ALL motorola phones use Motoblur, except those hat are not Motoblur use a automatically created login for you instead... So it is still a bad thing...

EDIT: submission I am refering to: https://news.ycombinator.com/item?id=5975598

[sivanmz]

While the value of Motoblur has been questionable and the service is no longer a focus for Motorola, it makes sense to do this server side.

One connection that pushes aggregated social networking data saves the need for a multitude of apps constantly polling or keeping their own open commections to various services.

BlackBerry also provided similar services as part of their BIS plan. It would poll Gmail and Exchange servers from its own servers, and push compressed data to the device.

Also, remember that these services existed at a time of slow networks and devices and a lack of support for it from Google. At the present, it's becoming increasingly clear that only few companies have the expertise and trust to do this securely. Motorola is probably not one of them.

[skue]

The article has been updated to point out that this model does not use to MotoBlur interface. Apparently having (what looked like) a mostly stock Android interface was an important buying consideration.

[adrinavarro]

I have my doubts. It never stated when it sent the passwords. Maybe it hasn't the UI overlay, but the social apps seem to be closely related to MOTOBLUR.

[magicalist]

Ah, thank you. This post was really confusing, having never really used a motorola phone. The post never actually specified how those passwords were being used, just what service they came from and what was being sent. For most of those apps there shouldn't be any (non-exploit) way to get your credentials out to then send them in the clear.