Apps Like Instagram and ooVoo May Be Leaking Data

Vlad Tiganasu
  • Vlad Tiganasu,
  • 10 years ago
  • Editor DroidInformer.org

Apps Like Instagram and ooVoo May Be Leaking Data Apps Like Instagram and ooVoo May Be Leaking Data

In case you haven't noticed the recent trend, it seems that user privacy is quickly going down the drain. If you aren't yet convinced, researchers from the University of New Heaven found data leaks in some major social networking and messaging apps for Android like Instagram, Oovoo, Vine, Nimbuzz and many others.

According to the results of the study, a huge list of instant messaging and social networking apps used on Android-powered devices have major security issues. The issues that were discovered include the storage of unencrypted videos and images on publicly available servers, sending passwords over the network or storing them on the device in plain text, recording chat logs in plain text, and there was even one app (TextPlus) that went as far as taking screenshots of its usage (without the user's consent) and storing them. While I must admit that Internet security is a complex matter, I can't help feeling that some of these apps are walking the thin line between not caring about the safety of the data and intentionally putting the user's privacy at risk. And, in case you think I'm blowing this out of proportions, the total number of people who use the apps that were targeted by the research is approximated to somewhere around 960 million.

In order to get the results, the researchers analyzed the network traffic activity of the devices they were working on and monitored the files that were captured. Here's what they found:

  • Storage of unencrypted images on public servers: Instagram, ooVoo, HeyWire, Grindr and TextPlus.
  • Storage of unencrypted videos on publicly available servers: Tango and MessageMe.
  • Storage of passwords in plain text on the device: TextMe, Nimbuzz.
  • Sending unencrypted information (pictures, texts, location maps, video, music) over the network: Instagram, OoVoo, Nimbuzz, TextMe, OKCupid, Kik, HeyWire, Hike, TextPlus, Grindr, MeetMe and Tango.
  • Storage of plain-text chat logs on the device: Voxer, Words with Friends, Whisper, WeChat, Nimbuzz, MeetMe, OoVoo, Twitter's Vine, TextPlus, GroupMe, Hike, Kik, Line, MyChat, TextMe, HeyWire and SayHi.

For complete information visit the UNH Cyber Forensic Research & Education Group website.

Referenced Android applications

Author's other posts

Comments

You can also add comment viaFacebook
Useful Android applications
Interesting Android stories