Are app developers taking security seriously enough?
Mobile messaging apps have skyrocketed in popularity over the past few years, sparking something of a gold rush in the software world and the tech sector in general. There's still no better evidence of this than Facebook's ongoing acquisition of WhatsApp, announced in February, in which the social network agreed to shell out 19 billion USD (£11.4 billion) for the app – an order of magnitude higher than the sum it paid for Instagram two years ago.
More recently, a much stranger app set Silicon Valley alight. Yo, which was apparently developed in a matter of hours and allows users to send a single word – 'Yo' – back and forth, secured one million USD in funding.
Some might decry Yo as a waste of time, or an omen of the downfall of civilisation. Nonetheless, it managed to attract investors, as well as the goodwill of early adopters.
Then, however, Yo was hacked, with three Georgia Tech students telling TechCrunch they were able to seize users' phone numbers and spam them with anonymous push notifications. "I actually texted the founder and he called me back," one of the hackers added.
To Yo's credit, it acted quickly. The company hired one of the hackers, then founder Or Arbel wrote a blog on Medium in which he disclosed: "We were lucky enough to get hacked at an early stage and the issue has been fixed."
Many users and stakeholders will have no doubt breathed a sigh of relief at this point. Looking back, Mr Arbel's claims of an eight-hour development cycle are no doubt a little embarrassing, but the important thing is that users' personal data is now secure.
When we look at the incident in context, however, it's alarming that such a simple app was affected by such a massive bug – not least because security incidents in the mobile messaging space aren't exactly uncommon.
Snapchat, for example, was hacked in January, with 4.6 million users' personal data ending up being posted online. Even WhatsApp has received criticism for security failures such as sending messages unencrypted.
If developers want to dominate in a market that relies on users' handing over data such as telephone numbers, surely it's time they paid more than scant attention to security?
Why do we need your postcode?
Once you enter your postcode, Cable.co.uk will perform a live lookup and check all the available providers in your area.
This ensures you receive accurate information on the availability of providers and packages in your area.
Your information is safe with us. We won't share your postcode with anyone. Guaranteed.