An Interest In:
Web News this Week
- April 1, 2024
- March 31, 2024
- March 30, 2024
- March 29, 2024
- March 28, 2024
- March 27, 2024
- March 26, 2024
Some of Our Sources
- BoingBoing
- Technology Review
- Just Creative
- The Logo Smith
- Naldz Graphics
- Crazy Leaf Design
- My Ink Blog
- CSS Tricks
- Design Modo
- Hashedout
Help Webnuz
Referal links:
March 9, 2021 04:45 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/E0EYJhI2_4Q/a-bug-in-a-popular-iphone-app-exposed-thousands-of-call-recordings
A Bug in a Popular iPhone App Exposed Thousands of Call Recordings
A security vulnerability in a popular iPhone call recording app exposed thousands of users' recorded conversations. From a report: The flaw was discovered by Anand Prakash, a security researcher and founder of PingSafe AI, who found that the aptly named Call Recorder app allowed anyone to access the call recordings from other users -- by knowing their phone number. But using a readily available proxy tool like Burp Suite, Prakash could view and modify the network traffic going in and out of the app. That meant he could replace his phone number registered with the app with the phone number of another app user, and access their recordings on his phone. TechCrunch verified Prakash's findings using a spare phone with a dedicated account. The app stores its user's call recordings on a cloud storage bucket hosted on Amazon Web Services. Although the public was open and lists the files inside, the files could not be accessed or downloaded. The bucket was closed by press time.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/E0EYJhI2_4Q/a-bug-in-a-popular-iphone-app-exposed-thousands-of-call-recordings
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot