Thursday , January 21 2021

If you use this application, delete it immediately



Go SMS Pro, a very popular SMS messaging application, has a serious drawback that allows almost anyone to view photos, videos or audio messages sent through it.

At stake is the data of millions of people

The Go SMS Pro app has been downloaded by over one hundred million users on their smartphones, making it one of the most popular messaging apps for Android smartphones.

One of the features of Go SMS Pro is that it sends photos, videos or other multimedia content to users who use another application to send and receive SMS messages in the form of a web connection. Clicking on the link allows the recipient to access the content.




Thus, the Go SMS Pro application packs multimedia content for those message recipients who do not use it.


Thus, the Go SMS Pro application packs multimedia content for those message recipients who do not use it.
Photo: Trustwave

But Trustwave information security experts found out a few days ago how Go SMS Pro actually handled such messages – very carelessly.



SSD, disk



Digisvet


How to turn an old computer into a rocket with one tactical change






Everyone could see your private photos

When a user submits a photo, for example, it is uploaded to a server and given a web link to open it. The problem is that the URLs of the web links were consecutive. Anyone who changes the serial number in the application received in the SMS message can access the following photo or content on the server. And so on and so forth:




Go SMS Pro


Photo: Trustwave

This potential misuse of personal data was not limited to Go SMS Pro users or those receiving their messages. Anyone who knows the form of a web connection can theoretically view all communications of all Go SMS Pro users.

At the well-known technology medium TechCrunch, before Trustwave sent the work to the public, they conducted a test and determined that the vulnerability was serious. By changing the serial numbers in the link, they gained access to confidential financial information, home addresses and many private (illustratively, they wrote) photographs.




There are many alternatives to sending SMS messages through the GO SMS Pro application for users of Android smartphones.  The easiest way is to use the standard sms application, but you can also use one that particularly emphasizes privacy, such as Signal.


There are many alternatives to sending SMS messages through the GO SMS Pro application for Android smartphone users. The easiest way is to use the standard sms application, but you can also use one that particularly emphasizes privacy, such as Signal.
Photo: Matic Tomcic



Applications



Digisvet


List of applications to be deleted immediately






The application is still available, it has been updated, but it is not clear if the security hole is patched

Google responded to the Trustwave discovery by withdrawing the app from the Google Play Store. but can be reinstalled from Mondaybecause it has been updated. Whether the problem is resolved is not known, as the application developer did not respond to any questions from the media or a “Confidential Wave” warning.

He first reminded the developer of the Go SMS Pro app of a serious security hole that allowed the contents of the messages to be viewed in August and urged him to issue a correction immediately, but they fell on deaf ears.

Read also:



Money, euros, banknotes



Digisvet


We detect entities that offer “soft” loans during an epidemic








Huawei, honor



Digisvet


Huawei seems to have found a buyer for Honor







Nokia 5.3



Digisvet


Nokia 5.3: Pretty much a smartphone for a very reasonable price








HUAWEI Mate 40 Pro



Digisvet


Huawei Mate 40 Pro: Impressive in many ways, but some are unlikely to fit in









Source link