U.S. markets closed
  • S&P 500

    4,158.24
    +100.40 (+2.47%)
     
  • Dow 30

    33,212.96
    +575.77 (+1.76%)
     
  • Nasdaq

    12,131.13
    +390.48 (+3.33%)
     
  • Russell 2000

    1,887.90
    +49.66 (+2.70%)
     
  • Crude Oil

    115.07
    +0.98 (+0.86%)
     
  • Gold

    1,850.60
    +3.00 (+0.16%)
     
  • Silver

    22.14
    +0.17 (+0.77%)
     
  • EUR/USD

    1.0739
    +0.0006 (+0.05%)
     
  • 10-Yr Bond

    2.7430
    -0.0130 (-0.47%)
     
  • GBP/USD

    1.2631
    +0.0025 (+0.20%)
     
  • USD/JPY

    127.0850
    -0.0170 (-0.01%)
     
  • BTC-USD

    29,155.67
    +304.08 (+1.05%)
     
  • CMC Crypto 200

    625.79
    -3.71 (-0.59%)
     
  • FTSE 100

    7,585.46
    +20.54 (+0.27%)
     
  • Nikkei 225

    26,781.68
    +176.84 (+0.66%)
     

Anonymous social app Yik Tak left users' precise locations exposed

·Reporter
·1 min read
DGLimages via Getty Images

Yik Yak's revived messaging app was supposed to bring back the days of truly anonymous local chat, but it may have inadvertently made life easier for creeps. Computer science student David Teather informed Motherboard that Yik Yak had a flaw that let attackers obtain both the precise location for posts (within 10 to 15 feet) and users' unique IDs. Blend the two pieces of info and it's possible to track a user's movement patterns.

Teather used a proxy tool to determine that YikYak sent both the precise GPS position and user ID with every message, even if users would normally only see vague distances and city identifiers. An independent researcher verified the findings for Motherboard, although it's not clear if anyone has exploited the flaw so far.

Yik Yak hasn't responded to requests for comment so far. The developer released three updates between April 28th and May 10th, but it's not yet certain if they completely address exposed locations. However, it's safe to say that the issue left users at risk, especially if they shared any sensitive information with local chatters.