![]() |
Whisper advertises itself as the "safest place on the Internet," maybe that's why users wouldn't hesitate to share their deepest secrets, which included sexual confessions and discussion of sexual orientation and desires with others on Whisper, Whisper stored all this discussions and users information and their secrets on a database that doesn't have a password which means anyone on the web can access it.
One of The Washington Post reporters has managed to search the records which involved of children's, which testaments the vulnerability in the Whisper app. Dan Ehrlich and Matthew Porter, the cybersecurity consultants, were able to access an unimaginable 900 million Whisper user records which date from 2012(The year of Whisper's release) to 2019.
The public access was only removed after the researchers and Washington Post alerted Whisper about this vulnerability, the researchers also informed federal law-enforcement officials about the loop-hole in Whisper's database. the company said in a statement that most of the data was supposed to be public for the users within the Whisper app, However, The database found by the researchers, however, was “not designed to be queried directly,” a company official said.
The records accessed by the researchers did not reveal the name of the users but only the age, ethnicity, gender, hometown, nickname. These records also reveal the location of the users, where they've last logged in or where they've last texted in the Whisper app.
Comments
Post a Comment
Comment your thoughts and feedback