Yo, the stupidly hyped-up and pointless smartphone app that lets you send the word “Yo” to your contacts (and nothing else), was hacked briefly last week by some college students.
Surprised? I’m not.
After all, the app’s makers brag that it only took eight hours to create. If that’s really the case, was there any consideration about security at all?
If there was any thought about security and privacy, it clearly wasn’t enough. Because, as TechCrunch reported, the app was hacked by three students from Georgia Tech soon after its creators claimed they had received over $1 million in funding.
wow. many 1337. such bad security.
I hacked Yo. Use hashtag #YoBeenHacked to talk about it.
I guess we should be grateful that the message the hackers pushed to users’ phones was asinine, rather than something crafted with more malicious intent. And it’s a blessing that the only information Yo carried about its users was their phone numbers, seeing as the hackers were able to access that too.
But in the rush to experience the latest hyped-up app – an app which wasn’t properly thought through or secured – many smartphone users put themselves at unnecessary risk, and granted Yo access to phone numbers.
As more and more people were drawn to Yo, others began to question how secure its infrastructure was. Some went beyond sending daft messages and found ways to impersonate others.
Yo clearly wasn’t built with security in mind, yet hundreds of thousands of people were quite happy to try it out.
So, what now for Yo?
Well, its founder Or Abel has published a blog post saying Yo was “lucky enough to get hacked at an early stage and the issue has been fixed.”
In that blog post, Abel takes almost 500 words explaining how the hack worked, and that he has hired one of the hackers to work on “other aspects of the Yo experience” before he gets around to apologising to affected users.
Yo is a simple app – your privacy isn’t. We take your privacy very seriously, we apologize from the bottom of our hearts…
Abel is wrong. Privacy can be very simple.
Here’s a simple way to avoid all privacy and security problems with Yo: Don’t install the app. It’s not just stupid, it’s proven itself to be insecure. Just say no to Yo.
PS. By the way, regardless of security – there’s another bee in my bonnet about Yo. Its lack of originality.
After all, isn’t Yo just a modern-day equivalent to Facebook’s Poke feature?
What do you think of Yo? Am I being too harsh? Leave a comment expressing your point of view below.
