A popular iPhone call recording app exposed the recordings of thousands of users data, a security researcher at PingSafe has found. The Call Recorder app contains a security vulnerability that enabled third-parties to access a user’s entire library of recordings, just by knowing their phone number. Apple doesn’t offer call recording as a stock feature on the iPhone, so those wishing to do so easily need an app to facilitate the function. The app makers proudly claim the app has been downloaded over 1 million times and says it was a top 20 business app in 20 countries. Noted security researcher Anand Prakash was able to sniff out the flaw using a proxy to replace his phone number with the number of another user, enabling him to listen into recordings at will.
<p>After making sure that you have downloaded an app from official app stores, you would have to assume that it is protected and safe from standard vulnerabilities and privacy. However, data can have a tendency to leak if the application hasn’t been properly tested, causing privacy and data breach issues. If users have divulged sensitive information in such calls that involve financial data, it would be a good idea to consider changing any details that are easy to change.</p>