The application that is causing Sarahah fever silently steals user contacts
Sarahah is a new app but has quickly become one of the hottest apps on iPhone and Android in the past few weeks. When you join the application, you will receive an anonymous message from other Sarahah users.
But security analyst Zachary Julian discovered that the application silently downloads user contacts to the company's server.
According to The Intercept, when users first download and install the app, Sarahah will immediately retrieve and download all phone numbers and email addresses from their phones.
If the application has a contact-related feature, it is normal to access user contacts. But now Sarahah has no features related.
Sarahah collects and downloads all user contacts to the server
'The privacy policy says that if any user data is intended, the application will ask for access. Although the description on Google Play Store also says that the application will access the contacts, but that does not mean it is sent without notice. '
Zain al-Abidin Tawfiq, the owner of Sarahah, said that his application does indeed get and download user contacts on the company's server, but to serve a future feature called 'find friends. . This feature is currently delayed by a technical error but has not been removed from the current version of the application.
Tawfiq also ensured that 'requesting data will be dropped during the next update' and Sarahah's server does not store contacts, although this is unverifiable.
Sarahah caused storms in a few weeks, making it the 3rd most downloaded free app for iPhone and iPad. It has been downloaded by about 18 million users from Apple and Google stores.
You can still use Sarahah by blocking access to contacts. From the new Android OS (6.0 Marshmallow) Android allows restricting access to applications. You can change the settings at Settings > Personal > Apps. Under the Configuration App section , open the App Permission and limit the permissions of the application you choose.
You should read it
- Chinese antivirus applications secretly collect user data
- Telegram allows you to delete a received message from the sender's device
- Zoom iOS application was detected sending data to Facebook
- Zalo takes 5 million users
- WhatsApp has reached 700 million unique users every month
- How to enable Registration Lock in Signal
- [Infographic] Selecting a suitable messaging application for Enterprises
- How to use NEV Privacy - Hide Pictures hide photos, apps on Android
May be interested
- Chinese Internet users from now on cannot post content anonymouslymore bad news for chinese users. they will not be able to post anonymous comments online from october 1 this year.
- The unpatched bug affects the utility system on Chrome, Firefox and Safarisecurity researchers have discovered two bugs that affect the utility system embedded in current browsers such as firefox, safari and all things related to chromium like chrome, opera ...
- Researchers found a way to disable Intel MEresearchers from positive technologies, a provider of enterprise security solutions, have found a way to disable intel management engine (me), a component of intel's cpu that many people hate.
- The 20-year-old boy is named in the Hall of Fame list of Googlerecently, a new member was named in the hall of fame list of google. this guy was listed on the 49th page of a total of 89 pages of hall of fame.
- YouTube redesigned the new logo and supports vertical videothere's no doubting or guessing what else, the vertical video has already appeared on youtube.
- Windows WinDbg debug tool has great improvementsmicrosoft has just released a new version of its windows debugger, a utility that is familiar to developers and system administrators.