Last week, the Clubhouse chat app ensured its users that their data can't be stolen. However, on Sunday, reports started flooding the internet noting that one hacker has reportedly proven that the platform's private live audio can actually be made public.
Co-CEO of Internet 2.0, however, alleges otherwise and said that a user just shared their own logins while the world thought that the conversation was private.
Is Clubhouse Safe?
Certain Clubhouse audio feeds were streamed by an unidentified user this weekend, which reportedly came from a number of different rooms into the company's very own third-party website (per Clubhouse spokeswoman known as Reema Bahnasy). According to a story by Bloomberg, the company announced that the user was permanently banned and that they have taken certain measures by installing new safeguards in order to stop the incident from happening again.
The report, however, mentioned that researchers contend the said platform isn't really in the right position to make certain promises.
The Stanford Internet Observatory said that the users of the invitation-only iOS app should reportedly assume that all of the conversations are being recorded. For what it's worth, the SIO is the first institution to publicly raise the security concerns of the app back on Feb. 13.
Alex Stamos, the director of Facebook and SIO's former security chief, shared that Clubhouse cannot provide any kind of privacy promises for certain conversations that were held anywhere around the world.
Did Clubhouse Really Got 'Hacked'?
Stamos, along with his team, were all also able to confirm that Clubhouse now relies on a certain Shanghai-based startup known as Agora Inc. to help the company handle several of its back-end operations. While Clubhouse is now responsible for the whole user experience like finding rooms, adding new friends, the platform reportedly relies on theChinese company in order to process its data traffic as well as audio production, according to Stamos.
However, the co-CEO of Internet 2.0 Robert Potter--who is also a Cyber Security Fellow CRS at Tama University--noted that the story was actually very different. According to his Twitter post, the Clubhouse "hack" wasn't really a hack but rather a certain user setting up a particular way to share his own login along with the rest of the world. The whole problem was that people actually thought that the conversations were private.
Robert Potter Alleges Clubhouse Wasn't Hacked
Explaining what had happened, Potter noted that at a technical level, the particular user was able to share his account through the use of an open-source platform. However, the supposed user did not really "hack" anything aside from just himself. It's also most likely a violation of the said terms of service but not really something that Potter would call an actual hack.
Going back to Stamos, it was noted that Clubhouse's dependence on the company Agora actually raises certain privacy concerns, especially for those Chinese citizens as well as those users who are under the impression that their conversations are not within reach of state surveillance.