My toodledo android app keeps popping up security token notice and askinge to relogin since yesterday. Is there a chance that android app or its browser is affected? If not why would this message appear? I am using nexus 5 OS v4.4.2
Jake, I'm glad to hear that TD wasn't affected by the problem! I came to the forums to look for info on that & I found good news.
As for the N5 on KitKat, you might want to check at Google. There may be something in particular with Android/Chrome related to a special version of OpenSSL called (I think) mod_spdy. Sorry I don't know a lot more to offer...but please do let us know what you find out in case other users have the same problem. Thanks!
The Android app sign in problems have nothing do with Heartbleed. It has to do with the last update that we released. We are seeing a small number of people have this problem. The solution so far is to delete and reinstall the app. We are still investigating why this is happening to some people. We haven't yet been able to reproduce the problem.
The CRIME attack has been mitigated by modern web browsers, so it does not strictly require a fix on the server if you are using a browser made recently. That said, we do plan to fix it on the server as well.