Clubhouse says it will review its policies after Stanford warned that data may be shared with China's government
Clubhousesaid it would review its datapolicies after Stanfordresearchers found security issues.
- Stanford Internet Observatory researchers said user data was sent as plaintext.
- Some users have "found a workaround" to download Clubhouse in
China, the company said.
As Chinese-language users flocked to the Clubhouse audio chat app, internet researchers at Stanford warned their information may be shared with China's government.
Clubhouse responded on Friday by saying it planned to review its policies and roll out added encryption in the next "72 hours.""With the help of researchers at the Stanford Internet Observatory, we have identified a few areas where we can further strengthen our data protection," Clubhouse said in a statement published as part of a report from the Stanford Internet Observatory (SIO).
"This relationship had previously been widely suspected but not publicly confirmed," according to the report's authors: Jack Cable, Matt DeButts, Renee DiResta, Riana Pfefferkorn, Alex Stamos, and David Thiel.The researchers cited an SEC filing in which Agora said it was required to help the Chinese government in national security and criminal investigations.
invite-only app has grown quickly. Tesla CEO has popped up on the app, and is reportedly planning an appearance with Kayne West. Facebook is reportedly working on a competitor. Clubhouse's developers released their app in every country but China. But some users in China have "found a workaround" to download it, Clubhouse said in its statement. Because those users were in China, the "conversations they were a part of could be transmitted via Chinese servers," the company said.
Clubhouse said: "For example, for a small percentage of our traffic, network pings containing the user ID are sent to servers around the globe - which can include servers in China - to determine the fastest route to the client."
SIO researchers reported that they saw data from Clubhouse users being transmitted without encryption.The researchers said: "Further, SIO has determined that a user's unique Clubhouse ID number and chatroom ID are transmitted in plaintext, and Agora would likely have access to users' raw audio, potentially providing access to the Chinese government."
SIO researchers said they had seen metadata from one Clubhouse room "being relayed to servers we believe to be hosted" in China. Some Clubhouse IDs could be matched with user profiles, they wrote. Clubhouse asks users to sign up with their real names.
In its statement, Clubhouse said it planned to ask an external data security firm to review its security updates.Stanford's researchers said they had published their report on the Clubhouse security issues because "they are both relatively easy to uncover and because they pose immediate security risks to Clubhouse's millions of users, particularly those in China."
- Stocks to track on March 4 — HDFC, Airtel, Infosys, Adani Ports and others
- Deficit budget tabled in Arunachal Assembly with focus on
- DPR for piped water connection project announced in Rajasthan Budget to be ready by Aug 30: BD Kalla
- Budget session of Karnataka legislature to begin on Thursday
- Bharat Biotech’s Covaxin shows 81% efficacy after second dose in phase 3 trials