Skip to main content

A Location Sharing App Exposed 1.7 Million Passwords And Some Users' Nude Photos


Mobile apps on your smartphone can range from most useful and secure to social media and games that help you pass your time. There are also quite a few apps that are plain redundant on the Play Store or App Store. Though, regardless of the type, smartphone apps are the backbone of our smartphone existence.
Apps act as the gateway for the data that we consume as well as feed the system, and most users trust what the apps ask them to do. Considering smartphone apps are critical for the complete smartphone experience, one would believe that the developers making these apps would be careful in making these apps.
Even though most developers put in efforts to ensure that their apps are secure, and act responsibly by protecting user data while handling them. There are some exceptions where developers try to push malicious apps that want to mine user data, steal user data or even mine bitcoin in the recent past. But, there is a third type of developers who accidentally or out of sheer carelessness end up leaving the user data insecure.
According to Fobes, 18 Android tracking apps were installed as part of the investigation that has already been downloaded by millions of users via the Google Play Store. One of these apps, “Couple Vow” that allows couples to share location with each other exposed about 1.7 million user passwords in plain text format without any encryption.
These exposed passwords would allow anyone to have access to all the location, call, text data in addition to anything sent using the messaging feature of the app. A separate issue with the app database allowed researchers to access all the user data of 1.7 million users including nude images in “some cases”. As pointed out by the report, researchers from Fraunhofer Institute for Secure Information Technology in Germany presented these flaws at hacking convention DEF CON in Las Vegas last week. The presentation was titled “All Your Family Secrets Belong To Us- Worrisome Security Issues In Tracker Apps.”
The report pointed out that the developers of the app did not respond to the request for a comment. The report stated that the rest of the apps also had weaknesses that could allow hackersaccess to accounts by bypassing the login or unsecured communication. What was surprising was the fact that Google was not swift in its response when the researchers disclosed these issues to the company. Instead, the company was slow in its response removing only “handful of the apps” while leaving “some” up on the Play Store.

Comments

Post a Comment

Jarring comments...

Popular posts from this blog

Why Do We Scratch Our Heads When We're Thinking?

Some people believe that certain automatic gestures — like scratching our heads when we're thinking — are natural motions that were passed down to us from our caveman predecessors. JOSE LUIS PELAEZ INC./GETTY IMAGES If you've ever had the distinct pleasure of sourcing stock photos for any reason, you've likely come across a whole lot of laughing women eating salads alone . But you've also probably stumbled upon a truckload of people scratching their heads to symbolize confusion, deep thought and/or perhaps a bad case of seborrheic dermatitis — dandruff. Scalp dryness aside, how exactly did the head scratch come to symbolize intellectual processes? Some people believe that certain automatic gestures are simply natural, expressive motions our caveman predecessors passed down to us. "One popular explanation for any hand-to-head movements is that they're frustrated aggression — a reversion to the natural movements of our rock-throwing ancestors," wrote Sa...
Post a Comment
Read more

Jackie Robinson in Reverse, Eddie Klep Integrated Negro Leagues

WASHINGTON  President Bush presented the Congressional Gold Medal to the family of Jackie Robinson this week, in posthumous honor of the man who broke through major league baseball’s racial barrier in 1947. Unmentioned and unmourned was the late Eddie Klep, who crossed baseball’s color line a year earlier in the opposite direction. Klep was the first white man to play Negro League ball.    A short-lived pioneer, he washed out in his first season as a Cleveland Buckeye. A few years later he was wearing the uniform of the Rockview (Pa.) State Prison baseball team. In talent, character and impact, he was no Jackie Robinson. But Eddie Klep’s exploits, such as they were, serve as a reminder that integration is a two-way street. Beyond the brave tales of celebrated black breakthroughs, the path toward racial progress is also adorned with intriguing stories of white Americans willing to go where others feared to tread, everyday people distinguishing themselves with simpl...
Post a Comment
Read more

Spotify announces new partnership with Samsung - Finally Spotify will pose like Apple Music

Spotify co-founder and CEO Daniel Ek There's a new collaboration in the works. Early Friday morning, Spotify co-founder and CEO Daniel Ek (pictured) revealed through an online Q&A session that the music streaming service is partnering with smart-phone makers Samsung to "create a seamless music listening experience together for the user that would be hard for either of us to build alone". The streaming service will now be integrated into future Samsung phones, and will be the brand's main music player app. Another feature that will be available will be the synchronizing of Spotify accounts across multiple Samsung devices, from phones to TVs, tablets, speakers and watches. Ek commented on the feature, saying, "As you move from room to room, your devices will be aware of your location and prompt you to effortlessly transition your listening between them". Ek further went on to comment on Spotify's integration with Samsung, revealing that the partn...
Post a Comment
Read more