Internet may be an exciting place, but it is no secure place in any way. Once you are in here, protecting your privacy is a complicated task. With the advent of the smartphones, our data is becoming less protected, and many smartphone apps access nearly everything on our phones, from photos to contacts and what not. Sarahah is the recent trending app that is widely being used by the youngsters. It appeared as a fun way of sending anonymous messages to people, but the results are not as funny as it appears. Some cases of bullying were heard, but that is certainly not the only fear.
The Sarahah app silently uploads your phone and email contacts to the company database, and there is no good reason why the app needs them. Zachary Julian, a senior security analyst at Bishop Fox, noticed the app behavior. The app initially asks permission to access your contacts, and you can choose to use it without allowing the permission. However, it does not let you know that all this data is harvested and uploaded to the company’s server.
The app was meant to receive anonymous feedback from friends and colleagues. Zain al-Abidin Tawfiq, the founder of Sarahah, says that the contacts are accessed for a feature that is yet to be introduced. According to Tawfiq, the ‘find friends feature’ was delayed due to a technical issue. When the concerns about privacy were raised, the founder replied with a Tweet.
Sarahah App asked for contacts for a planned "find your friends" feature
— Zain ??? ???????? ????? (@ZainAlabdin878) August 27, 2017
He also said that the “data request will be removed on next update,” and the app’s servers don’t “currently host contacts.” Not everyone allows access to contacts but the ones who do, wish to get some relevant feature. As of now, there is no friends list or the option to see the contacts on this app, but you can search for people with their phone number if you want to deliver some feedback.
Initially, Julian discovered this behavior by monitoring Android software, but later he discovered the same in the iOS version of the app.
Nearly all apps that provide any social connection access the contact lists on your phone. The only problem with Sarahah doing the same is that it is not providing a feature in return, at least not yet. It is a privacy invasion even if it is not used in a harmful way. Also, it sounds suspicious why the developers would make the effort of harvesting contact information if it is not being used in any way.
We find it quite suspicious though! What do you think about this latest trending app Sarahah? Comment below.