After Standford researchers revealed finding vulnerabilities in its infrastructure, audio chat room app, Clubhouse, says it will be adding extra security to its setup. The apps’ developers plan to add additional encryption to prevent it from transmitting pings to servers in China.
The Stanford Internet Observatory (SIO) in a new report revealed that that Shanghai-based company Agora, who are providers of real-time engagement software, “supplies back-end infrastructure to the Clubhouse App”.
The group of researchers further found out that the app transmits the users’ unique Clubhouse ID numbers —not usernames— and chatroom IDs in plaintext. This would most likely give Agora access to raw Clubhouse audio according to SIO. This means anyone observing internet traffic could match the IDs on shared chatrooms and listen in to conversations, the group tweeted, pointing out that “For mainland Chinese users, this is troubling”.
📢 New work out today from our Tech team & China research team: @joinClubhouse app recently became popular in 🇨🇳. We looked at its data security practices & found a potential risk to mainland Chinese users.
Here are our key findings 👋🧵⤵️
(1/8)
— Stanford Internet Observatory (@stanfordio) February 13, 2021
Also read:
– Google Launches App Quality To Aid Developers In Building Engaging Android Apps
– VLC Is Set To Launch Version 4.0 With A New, Modern Design!
– Twitter Says It’s Adding Labels To Personal Accounts Of Head Of States
An Agora spokesperson in an emailed statement said it was very clear about “how we deal with user data”. The company “does not have access to, share, or store personally identifiable end-user data,” the spokesperson said. The spokesperson also added that; “voice or video traffic from non-China based users — including US users — is never routed through China.”
The company told the SIO it does not store user audio or metadata other than to monitor network quality and bill its clients. Also, it says that as long as the audio is on servers in the US, the Chinese government cannot access the data.
Clubhouse on its part told the SIO researchers in a statement that when the app launched, it did not make it available in China “given China’s track record on privacy”.
However, some users in China found a way to still download the app, according to Clubhouse. This meant that; “until the app was blocked by China earlier this week— the conversations they were a part of could be transmitted via Chinese servers”.
The company says it will make changes; “to add additional encryption and blocks to prevent Clubhouse clients from ever transmitting pings to Chinese servers”. It also plans to hire an external security firm to review and validate the updates.
For your daily dose of tech, lifestyle, and trending content, make sure to follow Plat4om on Twitter @Plat4omLive, on Instagram @Plat4om, on LinkedIn at Plat4om, and on Facebook at Plat4om. You can also email us at info@techtalkwithtdafrica.com and join our channel on Telegram at Plat4om. Finally, don’t forget to subscribe to our YouTube channel HERE.