The app Sarahah compromises our contacts?
The much discussed and widespread messaging app anonymous Sarahah ends up in the eye of the cyclone, as it would compromise our contacts by sending them to the server, a third party.
For those who don't know it yet, remember that Sarahah is an app that allows you to send anonymous messages to users subscribed to the service, with the purpose of obtaining any reviews positive or negative: friends, work colleagues, family members, or by all those who know you and want to express their opinion on you in a completely anonymous way and, hopefully, honest. Of course, to be able to interact in a free way with the functionality of the app, you must first register for the service. At the moment it is still possible to reply to received messages.
The app was top of the charts of the App Store for several days, even if the fashion of use it has faded with the passing of the day, also because of its limited functions.
The problem, however, is that Sarahah probably compromised the contacts of the users who have used it. Like many other apps, even Sarahah asks permission to access the contacts, but apparently the use of this data is not very transparent. As confirmed by various experts in security, the app collects and immediately upload all the contact information on the server third parties. In practice, Sarahah affect these data and the anonymity of all the people in the address book of the users.
The contact lists are uploaded to an unknown server, either via the iOS app that Android. In addition to the numbers and e-mail, the app accesses other information stored in the contacts, such as anniversaries, birthdays, and job type.
Developers Sarahah have written on Twitter that will eliminate soon this functionality related to the contacts, through an update that will be coming in the next few days. Apparently, the idea was to offer a function similar to “Find friends”, but then due to technical problems the idea has been abandoned, leaving, however, a “bug” related to the capture of these data. The same developers have explained that already now the data is no longer stored on their server. Clearly, this assertion cannot be confirmed or disproved.
Link to the original article: The app Sarahah compromises our contacts?