Anonymous social app Yik Tak exposes users’ precise locations

Yik Yak’s revived messaging app It was supposed to bring back the days of truly anonymous local chat, but it may inadvertently make creepy life easier.Computer Science student David Tisser informed motherboard Yik Yak has a flaw that could allow an attacker to obtain the precise location of a post (within 10 to 15 feet) and a user’s unique ID. By mixing these two pieces of information, it is possible to track the user’s movement patterns.

Teather uses a proxy tool to determine that YikYak sends the precise GPS location and user ID in every message, even though users typically see only vague distance and city identifiers.An independent researcher verified the findings motherboardalthough it’s unclear if anyone exploited the vulnerability.

Yik Yak has yet to respond to a request for comment. The developers released three updates between April 28 and May 10, but it’s not certain if they fully address the exposed locations. However, it’s safe to say that this issue puts users at risk, especially if they share any sensitive information with local chatters.

All products featured by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. We may receive an affiliate commission if you purchase through one of these links.

Source link