Periscope smeared by streaming security SNAFU
Live vid titles leak from Twitter's new app for the Bong! crowd
Twitter's Meerkat-strangling live streaming app Periscope has had its first privacy SNAFU, leaking the titles (but not the content) of videos meant for private circulation only.
Periscope allows users to stream live video into their Twitter feeds. The app debuted mere days after a very similar app, Meerkat, became the Bong! crowd's latest darling.
The flaw in Twitter's app means audio and video of a private broadcast will remain private: only the title leaks. While most users will think of it as an annoyance more than a catastrophe, there will still be some Bobs wondering if the mere title Private Striptease by Alice for Bob might tip off Eve that there's something to ask about.
Periscope Tweeted the problem thus:
2/If Tweet option is ON, and then you switch to private broadcast mode, the app will accidentally tweet the title of your broadcast.— Periscope (@periscopeco) March 31, 2015
3/Your video IS STILL PRIVATE. The link WILL NOT load video or audio. Only intended participants can view the broadcast in the app.— Periscope (@periscopeco) March 31, 2015
4/In the meantime, A temporary solution is to disable the Twitter button before tapping the private lock icon. This will disable tweeting— Periscope (@periscopeco) March 31, 2015
5/We're very sorry and worked to fix this bug as soon as we discovered it. Should be live in the App Store soon (we will confirm when it is)— Periscope (@periscopeco) March 31, 2015
Twitter's chequebook-wranglers worked at relativistic speeds when it became clear that Meerkat had quit standing and looking around and was on a sprint, something confirmed at SXSW when VCs started unloading overburdened wallets in its direction.
The microblogging macrophage had already roped its merger-and-acquisition department to the oars, beat the drum, cracked the whip, and grabbed Periscope in January, but waited until just before SXSW to go public with the buy.
A Twitter user known to Vulture South, @scott_thewspot drily noted that Periscope's privacy bug doesn't affect Android or Windows Phone apps (because there's only an iOS client at this stage). ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Trusted Platform Module
- Zero trust