Is this app on your phone?
getty
Your data leaks through your phone. This happens because apps abuse permissions and then share or sell your information liberally. But sometimes the threat is even more serious and more alarming than that.
You should check out a website collated by the security researchers at Covert Labs, which has been dubbed “the insecure app store.” It currently includes “167 iOS apps scanned,” of which the researchers say “165 (have) exposed data.”
ForbesApple’s Upgrade Decision—Just 6 Weeks To Change Your iPhoneBy Zak Doffman
The team says it’s looking to shore up vulnerabilities, not just expose apps. “If you are the developer of an application listed in our registry,” it says, “contact our security team. We will promptly remove your listing and provide guidance on remediation.”
But sometimes the risks are high. “STOP USING THIS APP IMMEDIATELY,” one of the Covert Labs team has just posted on X. “I discovered a critical vulnerability in the ‘Chat & Ask AI’ app that exposes the entire chat history of over 18 million users.”
That amounts to “380 million messages, completely accessible to anyone who knows where to look.
This is as bad as it gets.
Every message you’ve ever sent through this app is sitting there unprotected.” And that includes anything personal or sensitive that might have been shared. “Mental health struggles, relationship problems, financial situations, medical questions, things you’d never tell another person.”
The hope is that app developers reach out as requested and plug these leaky holes. There is no suggestion the leaking is deliberate. And the team can help guide on how to resolve. But in the meantime, it’s worth iPhone users taking a quick look at this website, just in case any of these apps are on your device.
ForbesGoogle Changes Android To Stop You Installing ‘Dangerous’ AppsBy Zak Doffman
Per Tech Radar, “The fact that many of the leakiest apps are related to AI isn’t too surprising. In the rush to capitalize on the AI goldmine, it’s likely that many developers have cut corners or implemented lax security measures in order to get their app out the door and onto the App Store.” Hopefully, those corners can now be un-cut.
MacWorld says the website “can be used as a source to check the security of an AI app they may be considering in the App Store. How did these apps get onto the App Store with their security holes in the first place? That is unknown.”