Uncategorized

After the hype comes the disillusionment


No time right now?

The Clubhouse live audio app is particularly popular in Germany. A certain skepticism in dealing with the popularity miracle would be appropriate.

The Federal Association of Consumer Organizations is nailing it down and has the operators of the Clubhouse app send them a warning and a declaration of cease and desist with a criminal offense. First of all, it is about formalities.

Federal Association of Consumer Organizations warns Clubhouse

The consumer advocates complain that the app is operated without the mandatory legal notice and that the general terms and conditions and the data protection information are not available in German as prescribed, but only in English.

In addition to the formal aspects, the federal association also criticizes real data protection aspects. The consumer advocates are particularly against the fact that the clubhouse operator is claiming the right to use the contact information uploaded by the users from the smartphone address books extensively – for advertising purposes, among other things.

Almost finished!

Please click on the link in the confirmation email to complete your registration.

Would you like more information about the newsletter? Find out more now

Shadow profiles created from user address books

We had already reported a few days ago at t3n that Clubhouse actually uses the entries. For example, Clubhouse creates so-called shadow profiles for entries from the user address book that have no equivalent in service. These are profiles for people who appear in other people’s phone books, but who have not registered with Clubhouse themselves.

These are not the only dubious findings from a few weeks at a clubhouse in Germany. Various experts have already looked at the app in depth and come to some clear recommendations.

For the experts at Appvisory, a software-as-a-service for managing mobile devices in corporate networks, the matter is clear. They recommendto ban the app from company smartphones in any case and to comply with an urgent need to try the app anyway, only on a prepaid mobile phone without address book entries.

Integrated technology for recording calls

In addition to the negative aspects already mentioned, the appvisory operators found out that Clubhouse is technically capable of recording conversations in the best possible quality. This is exactly what the Hamburg IT security expert Thomas Jansen discovered and the mirror reported.

Jansen explains, however, that the function has no equivalent in the user interface and therefore cannot be activated from ordinary iPhones. This would require a jailbreak. However, it remains questionable whether the operators are able to activate it themselves. In any case, since the function is there, it must also be made transparent. Clubhouse doesn’t do that yet.

Other questions arise in connection with live audio processing. As we recently reported, Clubhouse is based on the backend platform of the American-Chinese live audio and video service provider Agora.io. The implications of this have yet to be questioned.

Interface allows reading of the user directory, capturing of accounts possible

As if that weren’t enough, Jansen was able to uncover a number of other data security problems. For example, the expert found that the service’s interface allows thousands of requests before it is throttled by the operator. In this way, Jansen estimates that it would take about a weekend to download the directory of all currently 2.8 million users unnoticed. Jansen was also able to use the high tolerance of the clubhouse interface to hijack clubhouse accounts by chance.

Clubhouse only responded belatedly to Jansen’s findings and responded with the usual marketing spokes. Always in progress, coming in the next few weeks, data security has the highest priority – the usual. That could offer space for a German alternative to clubhouse. It already exists, it’s called Dive and it’s supposed to officially start soon. Their makers promise: We adhere to the GDPR.

Most read

Leave a Reply

Your email address will not be published. Required fields are marked *