+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Secret CEO: Well...You're Not ALWAYS Completely Anonymous Or Untraceable On Our App

Aug 22, 2014, 20:32 IST

Secret Here's a screenshot of the app Secret

The CEO of anonymous sharing app "Secret" wants users to know that they're not guaranteed anonymity.

Advertisement

"We do not say that you will be completely safe at all times and be completely anonymous," CEO David Byttow told Wired's Kevin Poulsen.

Poulsen talked to Byttow after a hacker revealed to him that he could find out all the Secrets Poulsen shared on the app. The idea of the hack was simple, though the process was a bit arduous:

Secret pulls in information from your contact list, so you only see posts from your friends, or from friends of friends. So, if you delete your real contact list, make a bunch of dummy Secret accounts, add the email addresses you used to make them to your blank contact list, then added someone's real email address to your contact list, the only real posts you'd see from "friends" in your Secret feed would expose the poster. Viola: You know all that one friend's secrets.

Because the hacker, Ben Caudill, is "white hat" (a hacker who considers him or herself to be ethical), he revealed the flaw to Secret and Byttow's team has since fixed the vulnerability - their algorithm now detects bots or other suspicious activity and will start being more vague, like labeling posts as from someone "in your circle" instead of from a "friend" or "friend of a friend."

Advertisement

In fact, since Secret started offering a bounty for hackers that alerted the company about bugs in the app in February, it has learned about and fixed 42 different security holes. The numbers are a clear warning: Secret isn't perfectly secure and the term "anonymous" should be taken with a grain of salt.

Here's a look at some of the "popular" secrets being highlighted on Secret's homepage right now:

Secret

"The thing we try to help people acknowledge is that anonymous doesn't mean untraceable," Byttow says.

In other words: Maybe think twice before you share that explicit image or scandalous detail.

Advertisement

Read the rest of the Wired piece here.

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article