The recent massive influx of Chinese netizens on the emerging voice community platform Clubhouse has raised concerns. (Image source: Web screenshot)
However, a new study found that Clubhouse has a security vulnerability that allows the Chinese government to access users’ personal information. Clubhouse has responded that it is reviewing its user protection measures and will strengthen its encryption within three days.
Clubhouse has a personal information leak
Earlier it was rumored that the technology behind Clubhouse came from the Chinese technology company Agora. Now, the Stanford Internet Observatory (SIO), a U.S. cyber policy research organization, has confirmed that the backend infrastructure of Clubhouse was indeed provided by Agora, a Chinese technology company, and that Agora may have obtained the original audio data of users and may have provided that data to the Chinese government.
According to China’s National Intelligence Law, all Chinese are required to assist in intelligence gathering, with Article 10 stating, “State intelligence agencies shall, in accordance with the needs of their work, use the necessary means, methods and channels in accordance with the law to carry out intelligence work within and outside the country.” Article 14 states, “State intelligence agencies may request the necessary support, assistance and cooperation from relevant organs, organizations and citizens.”
SIO also cautioned that Clubhouse user IDs are transmitted over the network in plain text files, making them “easy to intercept,” and that anyone watching network traffic can check the IDs of shared chat rooms to find out who is talking to whom.
In response to the SIO study, Clubhouse also responded. Clubhouse said that a security update will be made within the next three days to prevent the transmission of Clubhouse users’ personal information to Chinese servers. Clubhouse also plans to work with an external data security firm to ensure these changes are effective.
For its part, Sound.com would not comment on the relationship between Clubhouse and Clubhouse, but claimed it could not access or store Clubhouse users’ personal information.
Beware of “phishing” arrests by the Chinese Communist Party
Publicly available information shows that Clubhouse is a social networking service mobile application released by software company Alpha Exploration Co. and has been around for less than a year. To use Clubhouse, users must first obtain an “invitation code” in order to register for an account. Once a user has an account, they can join any chat room and listen to the discussions or speeches in it.
Because users use the software to chat, no records are left behind, i.e. all instant information “disappears” with the closing of the chat room, and is therefore sought after by many mainland netizens.
Earlier in the day, Reuters visited several Chinese “clubs” and found thousands of users discussing everything from Xinjiang concentration camps and Hong Kong‘s national security laws to Taiwan issues and even the status of former U.S. President Donald Trump. It was also discovered that many mainlanders were discussing sensitive topics such as the June 4 Incident, the Communist Party’s national security and the first anniversary of Li Wenliang’s death in Clubhouse chat rooms.
But some experts worried at the Time that the Chinese Communist Party was trying to “phish” for people through the Clubhouse platform.
According to online information, the Shanghai-based “Sound Network” was founded in 2013, and although the company’s official website does not mention any relationship with Clubhouse, it lists more than 50 apps developed in cooperation with the company, including the technology company “Xiaomi” and the social platform “Stranger”. Social platform “Stranger”, live streaming platform “Douyu” and so on.
Recent Comments