Pregnancy-tracking app exposes sensitive personal information
Consumer Reports Labs tested Glow, a very popular menstrual-cycle and fertility-tracking app, and found that its designers had made a number of fundamental errors in the app's security and privacy design. Those errors would make it easy for stalkers or griefers to take over users' accounts, change their passwords, spy on them, steal their identities, and read extremely intimate data about the millions of women, and their partners, who use the app.
According to Consumer Reports, "The ability to link accounts opened the way to the first vulnerability we found. It was a startling one. ... We discovered that as soon as a user sent the request to another user, their accounts were linked and the requesting user could see much of the other account's data, without the other account having to do anything.
The owner of the second account would receive an email saying that another user had made the request, but it didn't matter if that email got stuck in a spam folder or was never opened. The second user did not have to acknowledge or accept the invitation. As long as the second account wasn't already linked with another one, the first person who requested linking of the account instantly gained access to the account's data.
Even worse, using the app-security software, researchers were able to change any user's password without knowing the old password. The request for the old password was just for show, like a door lock with the deadbolt missing. It gave the appearance of security, but it didn't offer real protection against a malicious user."
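Both findings quoted above (a link granted on request alone, and a password change that demands the old password but never checks it) are the same class of bug: a state change with no authorization check behind it. The Python below is an added example, not Glow's code or Consumer Reports' test tooling; the `Service` class, the account names and the `cycle_data` field are constructed for illustration. Each vulnerable handler sits next to a hardened one: linking grants nothing until the invited account presents an unguessable token, and the password change verifies the old password against a salted hash before writing the new one.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

# Constructed, hypothetical in-memory model of two operations in a
# cycle-tracking service: "link a partner account" and "change password".
# Nothing here is Glow's code; names and data fields are made up.

PBKDF2_ROUNDS = 100_000  # demo value; tune to your hardware in production


def hash_password(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256; returns (salt, digest)."""
    salt = salt if salt is not None else secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def verify_password(password, salt, digest):
    """Constant-time comparison so the check leaks no timing information."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, digest)


@dataclass
class Account:
    name: str
    salt: bytes
    pw_hash: bytes
    cycle_data: dict
    partner: Optional[str] = None                        # linked account, if any
    pending_invites: dict = field(default_factory=dict)  # token -> inviter


class Service:
    def __init__(self):
        self.accounts = {}

    def register(self, name, password, cycle_data):
        salt, digest = hash_password(password)
        self.accounts[name] = Account(name, salt, digest, cycle_data)

    def view_partner_data(self, viewer):
        """Intimate data is readable only across an established, mutual link."""
        partner = self.accounts[viewer].partner
        if partner is None or self.accounts[partner].partner != viewer:
            return None
        return self.accounts[partner].cycle_data

    # ---- the two behaviours Consumer Reports describes ----
    def link_insecure(self, requester, target):
        """Links on request alone: the target never has to accept."""
        t = self.accounts[target]
        if t.partner is not None:
            return False
        t.partner = requester
        self.accounts[requester].partner = target
        return True

    def change_password_insecure(self, name, old_password, new_password):
        """Asks for the old password but never checks it."""
        acct = self.accounts[name]
        acct.salt, acct.pw_hash = hash_password(new_password)
        return True

    # ---- hardened versions ----
    def invite_link(self, requester, target):
        """Records a pending invitation; grants nothing until it is accepted.
        The token goes only to the target (e.g. by email) and is unguessable."""
        token = secrets.token_urlsafe(32)
        self.accounts[target].pending_invites[token] = requester
        return token

    def accept_link(self, target, token):
        """Only the invited account, presenting the token, can complete the link."""
        t = self.accounts[target]
        requester = t.pending_invites.pop(token, None)
        if requester is None or t.partner is not None:
            return False
        if self.accounts[requester].partner is not None:
            return False
        t.partner = requester
        self.accounts[requester].partner = target
        return True

    def change_password_secure(self, name, old_password, new_password):
        """The old password is verified before anything changes."""
        acct = self.accounts[name]
        if not verify_password(old_password, acct.salt, acct.pw_hash):
            return False
        acct.salt, acct.pw_hash = hash_password(new_password)
        return True


def demo():
    """Runs both flows; returns what an uninvited requester can see in each."""
    weak, hardened = Service(), Service()
    for svc in (weak, hardened):
        svc.register("alice", "correct horse", {"cycle_day": 14})
        svc.register("mallory", "hunter2", {})
    weak.link_insecure("mallory", "alice")
    hardened.invite_link("mallory", "alice")  # alice never accepts
    return weak.view_partner_data("mallory"), hardened.view_partner_data("mallory")


if __name__ == "__main__":
    print(demo())
```

In a real service the hardened password change would also invalidate other sessions and require recent re-authentication, and the invitation token would be sent only to the target's verified address; those parts are outside this model.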