Your Web News in One Place

An Interest In:

Web News this Week

Search Archive

Some of Our Sources

View All Sources

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
November 20, 2020 01:30 am

Messaging App Go SMS Pro Exposed Millions of Users' Private Photos and Files

Go SMS Pro, one of the most popular messaging apps for Android, is exposing photos, videos and other files sent privately by its users. Worse, the app maker has done nothing to fix the bug. TechCrunch reports: Security researchers at Trustwave discovered the flaw in August and contacted the app maker with a 90-day deadline to fix the issue, as is standard practice in vulnerability disclosure to allow enough time for a fix. But after the deadline elapsed without hearing back, the researchers went public. Trustwave shared its findings with TechCrunch this week. When a Go SMS Pro user sends a photo, video or other file to someone who doesn't have the app installed, the app uploads the file to its servers, and lets the user share a web address by text message so the recipient can see the file without installing the app. But the researchers found that these web addresses were sequential. In fact, any time a file was shared -- even between app users -- a web address would be generated regardless. That meant anyone who knew about the predictable web address could have cycled through millions of different web addresses to users' files. Go SMS Pro has more than 100 million installs, according to its listing in Google Play.

Read more of this story at Slashdot.


Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/8kOTtQm0fSc/messaging-app-go-sms-pro-exposed-millions-of-users-private-photos-and-files

Share this article:    Share on Facebook
View Full Article

Slashdot

Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..

More About this Source Visit Slashdot