Confide users take note: a new lawsuit alleges that the encrypted messaging app reportedly favored by members of Donald Trump's administration isn't as secure as it claims to be.
Confide is advertised as an "encrypted, ephemeral and screenshot-protected messenger" that lets you "speak freely, without the risk of what you say being forwarded on or permanently stored, just like when you're talking in person." But, as was reported by Recode, a lawsuit filed yesterday in the Southern District of New York claims that the Windows version of Confide doesn't offer screenshot protection.
"Confide represents, in no uncertain terms, that its App blocks screenshots. But that isn't true," according to the complaint. "Any Confide user accessing the platform through the Windows app can take screenshots of any and all received messages."
Confide in a statement to PCMag denied those claims.
"The accusations set forth in the complaint are unfounded and without merit," Confide said. "We look forward to responding to this frivolous complaint and seeing this case swiftly thrown out of court."
On its website Confide says that "where [screenshot] prevention is not technically feasible, our patent-pending reading experience ensures that only a sliver of the message is unveiled at a time and that the sender's name is not visible." The suit says that's not the case. When taking a screenshot using the Windows app, the image can include "the entire content of the message as well as the identity of the sending party," the suit contends.
Related
- DARPA Wants Help Developing a Secure Messaging PlatformDARPA Wants Help Developing a Secure Messaging Platform
Confide further promises to notify the sender if a screenshot has been attempted, and to "kick the recipient out of the message."
"In reality, Confide does not notify anyone when a screenshot was taken when the recipient uses the macOS or Windows app," the complaint notes. "Worse, the offending party taking the screenshot is never removed from the message, ensuring that the sender continues sending confidential or otherwise sensitive information."
The suit comes after researchers at security firm IOActive recently discovered multiple critical vulnerabilities in the Confide app. Those flaws could have allowed an attacker to impersonate a Confide user, sneakily sleuth people's contact details, alter the contents of a message or attachment in transit, or "become an intermediary in a conversation and decrypt messages." IOActive reported the flaws to Confide and the company has patched all the holes.
The Yahoo Human Rights Trust was meant to aid Chinese dissidents.
Concerned about the wrong person snagging unauthorized access to your Google account? You can run a security check on your account to make sure it's as safe and secure as possible.
It still has more chat services than it knows what to do with.
The nonprofit has looked at the power sources your favorite internet companies are using: and most of them aren't doing well.
Relax Lawsuit Slams Security of Confide Messaging App stories
By using non-Latin Unicode characters, it's theoretically possible to register a domain name for a phishing website that looks nearly identical to the one it's trying to spoof.
Microsoft plans to incorporate the best features of Wunderlist into a new app, To-Do, over the coming months, then discontinue Wunderlist.
A class-action lawsuit claims Bose secretly collects and records all content played through their Bose wireless headphones, and shares this data with third-parties without consent.
Your Timeline offers a 'daily snapshot' of the things you've done and the places you've been on a given day, month, or year.
Secure communication should really be at the top of mind for any entrepreneur. And the best line of defense probably isn't what you think.
Google settles antimonopoly lawsuit in Russia, pays $7.85 million in fines, and promises not to restrict rival search engines on Android.
Researchers from MIT have developed a series of tools called WaitSuite that test you on vocabulary words during times you wouldn't otherwise be doing anything.
37 restaurants confirmed as having malware installed on point of sale equipment and card details stolen between December and March.
Limiting your user base limits the damage of your mistakes and turns users into brand evangelists.
The Switch is selling well, now Nintendo wants to ensure the games do too by thwarting piracy before it happens.
It was meant to be joke malware, but the author managed to infect himself, and the game is impossibly hard.
The company is investigating a report that data for payment cards used at Gamestop.com has shown up for sale online.
The new version of M launching today is completely automated, and will appear in your chats to make you aware of Messenger features you might not have known about.
A deal with Universal Music Group means that next album from Katy Perry or Kendrick Lamar could debut on Spotify Premium two weeks before the ad-supported version.
A security researcher demonstrated an exploit that uses digital terrestrial TV signals to implant malicious code in the web browsers of smart TVs.
Recent Congressional action to overturn FCC rules on data sharing won't impact internet users' privacy, ISP executives say.
Pornhub on Thursday officially switched to HTTPS, so visitors can now access the site over an encrypted channel. YouPorn will also soon be making the switch.
Congress just moved to let ISPs sell your personal data. Here's how to protect yourself.
Uber's diversity problem is perhaps most apparent when looking at the makeup of its tech leadership team, which is 88.7 percent male, and entirely white or Asian.
On the down side, the new Web-based version of Tinder isn't available in the US at the moment.
If imitation really is the sincerest form of flattery, then Snapchat should feel extremely flattered right now.
It's a 12-sided coin packed full of features to make it very difficult to counterfeit.
Researchers 3D printed an attachment that can let a smartphone's camera analyze a semen sample to determine its sperm count.
The rule requires ISPs to get consent before they sell sensitive consumer data. Republican Senators and FCC members say it's unnecessary and harmful to ISPs.
The leaked documents include user guides that show the CIA's efforts to install its surveillance code on Mac firmware.
Amazon is refusing to give authorities investigating a murder access to data from Alexa.
Vizio secretly collected viewing data from 11 million TVs, according to an FTC complaint.
We live in a world of mass surveillance. Here are some tips for staying anonymous while still staying online.
There are certain habits they pursue every day to maintain a healthy perspective.
If entrepreneurs believe in themselves and their businesses, their enthusiasm can become contagious.
The company wasn't able to ship even a single smart credit card.
Now that we know you can squeeze the juice from Juicero's produce packs with your bare hands, the company is offering customers refunds on its $400 press.
More customers in the South, Midwest, and California could soon see speeds of up to one gigabit per second.
You may want to pay more attention to what type of flash memory your next smartphone will come with.
By using non-Latin Unicode characters, it's theoretically possible to register a domain name for a phishing website that looks nearly identical to the one it's trying to spoof.
This robotic chair allows disabled kids to explore their surroundings by touching a screen to steer.
The company in its 2017 Environmental Responsibility Report said it aims to have a 'closed-loop' supply chain, 'where products are built using only renewable resources or recycled material.'
These could disappear at any time. You snooze, ya lose!
Enjoy mood setting deals including the G Pen Elite, Mackie CR3 speakers and LIFX Gen 3 smart LED bulbs.
Waxes, oils and shatter. Oh my!
