Clubhouse confirms data spillage of its audio streams

Clubhouse confirms data spillage of its audio streams

Posted February 23, 2021

Clubhouse confirms data spillage of its audio streams

  • The app allows users to join and participate in pop-up public or private audio chatrooms, promising that conversations are not recorded and have to be experienced live.
  • But US cyber-security researchers tweeted that a user had found a way to stream audio to another website.
  • Stanford’s cyber-security researchers discovered several security flaws, including the fact that the users’ unique ID numbers and the ID numbers of the Clubhouse chatrooms they created were being transmitted in plaintext and it could be possible connect IDs to specific user profiles.
  • The researchers were also concerned that the Chinese government could gain access to the raw audio files on Clubhouse’s servers, because its back-end infrastructure is provided by a real-time engagement API firm called Agora, which has offices in both Shanghai and San Francisco.
  • While it might sound alarming to hear that audio conversations on Clubhouse can be taken out of the app, this isn’t exactly new.
  • Users are already using the video and audio recording functions on their devices to capture conversations had by celebrities like Elon Musk and Kevin Hart, and uploading them to YouTube.

– Mary-Ann Russon | February 23, 2021