Instagram, Grindr, WhatsApp, and Others Have Serious Vulnerabilities that Put User Privacy at Risk

If you’re like most Android users, then you use at least one of the following apps: -Instagram -OKCupid -Grindr -WhatsApp -Viber Whether you’re an Instagram user or a Grindr user, you may face a serious risk of losing your data. According to a new report from the University of New Haven’s “Cyber Forensics Research and Education Group”, many popular Android apps have serious vulnerabilities: “What we really find is that app developers are pretty sloppy”, says Ibrahim Baggili, the director and editor-in-chief of the Journal of Digital Forensics, Security and Law. Examples of vulnerabilities in popular Android apps: -Instagram still has images sitting on its servers that are unencrypted and accessible without authentication -Images are also accessible on a number of other apps, including OoVoo, MessageMe, Tango, Grindr, TextPlus, and HeyWire. Specifically, photos sent from one user to another are accessible and unencrypted on the app’s servers. -In addition, many applications do not encrypt chat logs on devices. OoVoo, Kik, Nimbuzz, and MeetMe do not encrypt chat logs, for example. -Anyone who can access your phone can “dump the backup” and view all the chat messages sent back and forth -Many popular Android apps claim to use encryption standards like SSL/TLS but either fail to use it or never actually use it. That’s a problem because unencrypted traffic can be intercepted over Wi-Fi networks and easily accessed by someone with the right tools. Most data leaks are a result of sloppy programming in one form or another. If you use any of the above apps to store personal information, then your personal data could be the next to disappear. UNHcFREG releases one video every week explaining security issues in various apps. It’s a scary look into how many of us think we’re protected, but few of us actually are protected.