![\"\"](\"\/\/www.iser-br.com\/Themes\/Release\/images\/responsive\/ettelecom-default.jpg\")
San Francisco: US-based anonymous social media<\/a> platform Yik Yak<\/a>, which allows users to read messages from others in proximity, has reportedly left at least two million users' precise locations exposed.
David Teather, a computer science student, last month, found that the iPhone app<\/a>'s flaw let attackers obtain both the precise location for posts and users' unique IDs.
\"I was able to access the precise GPS<\/a> coordinates (accurate to within 10-15ft) of all posts and comments on the Yik Yak platform, this leaves at least 2 million users at risk. This number is likely higher, as this user count is six months old,\" he wrote in a blog post.
\"I disclosed what I found to the Yik Yak team on April 11, 2022. Almost a month later on May 8, 2022 (1 day before the public disclosure date), they responded by removing the user id being returned for posts and comments however this is not enough to protect privacy,\" he added.
Yik Yak is a pseudonymous messaging board, where users can see posts within a radius of 5 miles. Each user has an emoji and colour to distinguish individuals, these can be reset if the user chooses.
This feature allows conversation chains to continue in comment sections where users can interact.
Each post has a location associated with it by design, and when viewing a post the app displays how far away they are from you.
The app, which was initially launched in 2013, was shut down due to its failure over cyber-bullying and harassment reputation, was relaunched last year. It is now marketed toward people ages seventeen and older.
<\/body>","next_sibling":[{"msid":91556186,"title":"Elon Musk says 'still committed', hours after putting Twitter deal on hold","entity_type":"ARTICLE","link":"\/news\/elon-musk-says-still-committed-hours-after-putting-twitter-deal-on-hold\/91556186","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[],"msid":91556250,"entity_type":"ARTICLE","title":"iPhone app Yik Yak exposes millions of user locations","synopsis":"David Teather, a computer science student, last month, found that the iPhone app's flaw let attackers obtain both the precise location for posts and users' unique IDs.","titleseo":"telecomnews\/iphone-app-yik-yak-exposes-millions-of-user-locations","status":"ACTIVE","authors":[],"Alttitle":{"minfo":""},"artag":"IANS","artdate":"2022-05-14 10:14:18","lastupd":"2022-05-14 10:21:02","breadcrumbTags":["iphone","mvas\/apps","gps","yik yak","iphone app","social media","yikyak platform","cyber bullying","privacy protection","user unique id"],"secinfo":{"seolocation":"telecomnews\/iphone-app-yik-yak-exposes-millions-of-user-locations"}}" data-authors="[" "]" data-category-name="" data-category_id="" data-date="2022-05-14" data-index="article_1">
- Telecom乐动扑克News
- 1分钟读
iPhone应用程序Yik牦牛使数以百万计的用户位置
大卫•Teather计算机科学的学生,上个月,发现iPhone应用程序的缺陷让攻击者获得职位的精确位置和用户的惟一id。
旧金山:美国匿名社交媒体平台Yik牦牛,它允许用户读取消息从别人在附近,据报道已经造成至少二百万暴露用户的精确位置。
大卫老师,计算机科学的学生,上个月,发现iPhone应用程序的缺陷让攻击者获得职位的精确位置和用户的惟一id。
“我能够访问的精确全球定位系统(GPS)坐标(精确到10-15ft) Yik牦牛平台上的所有文章和评论,这让至少200万个用户的风险。这个数字可能更高,因为这用户数量是6个月大的时候,”他在一篇博客文章中写道。
“我透露我发现Yik牦牛团队4月11日,2022年。几乎一个月后在2022年5月8日(1天前公开披露日期),他们通过删除文章和评论的用户id返回然而这并不足以保护隐私,”他补充道。
Yik牦牛是一个匿名消息板,用户可以看到的帖子在半径5英里。每个用户都有一个emoji和颜色来区分个体,这些可以重置如果用户选择。
这个特性允许谈话链继续在评论部分用户可以交互。
每个帖子都有一个与之关联的位置通过设计,当查看一篇应用显示他们有多远从你。
应用,最初成立于2013年,由于其被关闭失败在网络欺凌和骚扰的名声,在去年重新推出。现在是销售到17岁的孩子和老人。
评论
现在评论 阅读评论(1)所有评论
找到这个评论进攻?
下面选择你的理由并单击submit按钮。这将提醒我们的版主采取行动