Clubhouse promises fix after audio insecurely streamed from third-party website


Clubhouse has confirmed one of its users was able to siphon off audio feeds from the invitation-only app and make them accessible from a third-party website, raising security concerns about the fledgling service. A Clubhouse spokesperson told Bloomberg that “multiple rooms” were affected, and that the user behind the breach had been “permanently banned.” It said “safeguards” have been put in place to prevent a repeat, though it reportedly declined to provide specific details.

The incident is a reminder for Clubhouse users to be careful about sharing sensitive information in conversations held via the invite-only iOS app. This is especially important for any Chinese citizens or dissidents using the app, or any users concerned about state surveillance. Although Clubhouse is blocked in China, users are reportedly still able to access the service via VPNs.

This latest security incident comes a week after Clubhouse was criticized for vulnerabilities in its infrastructure. A report from the Stanford Internet Observatory found that users’ unique Clubhouse ID numbers and chatroom IDs were transmitted in plaintext, which could theoretically allow an outside observer to work out who’s talking to who on the app. Clubhouse also uses Shanghai-based Agora Inc, for its back-end infrastructure. As a Chinese company, Agora has a legal obligation to assist Chinese authorities in locating the source of audio if it’s deemed to pose a national security risk, the SIO said.

In response to last week’s report, Clubhouse said it plans to add additional encryption and blocks to prevent the service from pinging servers based in China, and that it would be hiring an external security firm to review the updates. Agora told the SIO that it only stores user audio or metadata when required for billing and network monitoring purposes. In a statement to The Verge, Agora said it “does not have access to, share, or store personally identifiable end-user data,” and that it does not route “voice or video traffic from non-China based users” through China.



Latest articles

Brazil’s ‘Upside-Down’ Forest Is Facing Devastating Destruction

The sweeping grasslands, dry forests, scrub and rugged mountains of Brazil’s Cerrado encompass some of the country’s most beautiful national parks. The region’s...

Best Pictures From 2021 Golden Globes

The Golden Globes took place on Sunday night, and they looked a lot different from past ceremonies. While Tina Fey and Amy Poehler...

Kinetic Pants From Ministry of Supply Look Like Dress Slacks but Feel Like Sweats

Even though you’re probably working from home, the worst thing you can do for your mental health is sit around in your pajammas....

Related articles

Leave a reply

Please enter your comment!
Please enter your name here