The data is stored on Viber's server in an unencrypted manner. In the video, one of the researchers said the unencrypted messages can also be retrieved from Viber’s servers by anyone who knows the message URL: In a video posted on the UNH website and YouTube, the researchers demonstrated capturing messages sent between two test Android phones.ĭata can be intercepted by poisoned access points, by malicious users on the same Wi-Fi network, or elsewhere in the network between you and Viber. Using a Windows PC as a Wi-Fi access point, the UNH team was able to capture data sent by an Android smartphone with regular traffic sniffing tools, the same approach taken by UNH in their experiments with WhatsApp. It’s the second cryptographic blunder exposed by UNH researchers in as many weeks – the UNH Cyber Forensics Research & Education Group disclosed on 13 April 2014 that the WhatsApp messenger app also gives away user location data in unencrypted form. Viber, a mobile messenger app that allows users to make phone calls and send text messages and images for free, also gives up plenty of free user data to anyone who wants to listen.Īccording to researchers from the University of New Haven (UNH) in Connecticut, US, Viber’s app sends user messages in unencrypted form – including photos, videos, doodles, and location images.Īll of that rich data from users is also stored unencrypted on Viber’s servers, rather than being deleted immediately, and is accessible without credentials, just a link, the UNH researchers said.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |