At nearly a year old, the invitation-only, audio-based social-media platform ClubHouse is grappling with security issues on multiple fronts, but the consensus among researchers is coming into focus: Assume your ClubHouse conversations are being recorded. The company confirmed to Bloomberg that over the weekend a user was able to breach “multiple” ClubHouse room audio feeds and stream them on a third-party website. A company spokeswoman told Bloomberg the user has been banned and that “safeguards” have been put in place. Another user, located in mainland China, meanwhile wrote code that allows anyone to listen in on ClubHouse conversations without the required invitation code, and posted it on GitHub, Silicon Angle reported. That, along with other malicious code designed to breach Clubhouse, have been blocked, according to the outlet. Clubhouse’s Agora Platform The heart of Clubhouse’s security woes is its backend “real-time voice and video engagement platform” provided by Shanghai-based startup Agora. Clubhouse web traffic is directed to Agora’s server in China, including personal metadata, without encryption, according to the Stanford Internet Observatory (SIO), which was the first to raise the alarm about ClubHouse’s privacy and security protections on Feb. 12. Because Agora is based in China and Silicon Valley, it is subject to cybersecurity laws of the People’s Republic of China, which the company acknowledged could require it to assist the government in investigations…
0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2021-02-22 14:40:002021-02-22 14:40:00Assume ClubHouse Conversations Are Being Recorded, Researchers Warn
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email email@example.com