Technology » Personal Tech

Reports: Using Jack'd? Your Pics Could Be At Risk

by Kilian Melloy
Thursday Feb 7, 2019

If you've posted sensitive selfies at Jack'd, they might have been seen — and downloaded - not only by whomever you meant to share them with, but also by anyone on the Internet who knows where and how to look, warns IT news site The Register, which reported on a security flaw that allows people who aren't even using the service to access anyone's photos — even the naked ones that users might have intended for specific sharing purposes.

Worse, those photos can be harvested and stored on the hard drives of interlopers who might use them for blackmail, harassment, or just to embarrass people. In the world's anti-LGBTQ countries — some of which turn a blind eye to violence that targets gays, and others of which target gays for legal persecution — those images could literally mean the difference between life and death.

Or, as tech news site Ars Technica put it:

...intimate, private images—including pictures of genitalia and photos that revealed information about users' identity and location—were exposed to public view. Because the images were retrieved by the application over an insecure Web connection, they could be intercepted by anyone monitoring network traffic, including officials in areas where homosexuality is illegal, homosexuals are persecuted, or by other malicious actors. And since location data and phone identifying data were also available, users of the application could be targeted.

Jack'd is one of the many dating apps out there that men use to find hookups, look for dates, and swap sexy photos. It's a popular service, with more than five million downloads from the Google Play app store alone, notes UK news outlet the BBC, which also reported on the security flaw.

The Register alleges that they reached out to inform the people behind the app three months ago after they were alerted to the flaw by a researcher who also attempted to get the app's administrators to fix the problem. But the Register's account said that the company has done nothing to fix the problem, leaving them no choice but to take the story public:

In the interests of alerting Jack'd users to the fact their highly NSFW pictures are facing the public internet, we're publishing this story today, although we are withholding details of the flaw to discourage exploitation.

Global Dating Insights also looked into the issue, reporting that they received a response to their inquiries and were told the following:

"Our tech team is aware of the photo vulnerability and has already programmed the changes for this fix. They will deploy the fix this Thursday, February 7."

Those wishing to be on the safe side might want to delete their photos, media outlets suggested.

Kilian Melloy serves as EDGE Media Network's Assistant Arts Editor. He also reviews theater for WBUR. His professional memberships include the National Lesbian & Gay Journalists Association, the Boston Online Film Critics Association, The Gay and Lesbian Entertainment Critics Association, and the Boston Theater Critics Association's Elliot Norton Awards Committee.


Add New Comment

Comments on Facebook