A week since invitation-only audio-chat platform Clubhouse revealed that it would make security improvements for users, an attacker has proven the platform’s live audio can be siphoned.
Clubhouse Spokesperson, Reema Bahnasy says that a user was “able to stream Clubhouse audio feeds this weekend from ‘multiple rooms’ into their own third-party website.
However, Bloomberg revealed that the platform has “permanently banned that particular user and installed new “safeguards” to prevent a repeat, researchers contend the platform may not be in a position to make such promises”.
Clubhouse has become a wildly popular app across the world. The platform appears to be a reflection of the growing interest in sound-based products with the recent rebound of the podcast.
The app collects content, communications, and other information that participants provide, including when you sign up for an account, create or share content, and message or communicate with others.
To create and manage an account, a participant may provide personal data, including name, phone number, a photo, an email address, and a username. And the app temporarily records the audio in a room while the room is live.
Also, the data collected about the participants may also be given to third-parties, albeit for temporary use, but as the app has seen from high-profile incidents no one is insured against leaks.
Kaspersky researchers believe that the app can create a false sense of security, privacy, and closeness, in part because of how its registration works (it’s invitation-only at the moment). This creates several risks for the users, which are important to be aware of when using any public space on the Internet.
Alex Stamos, Director of the Stanford Internet Observatory (SIO) says users should assume all conversations are being recorded. “Clubhouse cannot provide any privacy promises for conversations held anywhere around the world.”
Follow IT News Africa on Twitter