Freedom Chat App Security Flaws Expose User Data

December 11, 2025
Security Vulnerabilities Resolved in Freedom Chat

Freedom Chat, a messaging application, has addressed two significant security weaknesses. These flaws potentially allowed the identification of registered users’ phone numbers and the exposure of user-defined PINs to unauthorized individuals.

Phone Number Enumeration

Security researcher Eric Daigle discovered that it was feasible to ascertain users’ phone numbers. He reported this to TechCrunch after finding no established channel for security reporting within the Freedom Chat platform.

Daigle’s investigation revealed that the application’s servers permitted a large volume of phone number guesses. This allowed for the determination of whether a particular phone number was associated with a registered account.

PIN Code Exposure

Furthermore, Daigle identified a vulnerability that resulted in the leakage of user PIN codes. Analysis of network traffic using an open-source tool demonstrated that the app would transmit PINs of users within the same public channel.

Specifically, users automatically subscribed to the default Freedom Chat channel had their PINs broadcast to all other members of that channel. This could potentially enable unauthorized access to the app via a compromised device.

Researcher's Findings and Comparison

Daigle was able to enumerate the phone numbers of approximately 2,000 users who had joined Freedom Chat since its launch in June. This method mirrors a technique recently detailed by researchers at the University of Vienna.

The University of Vienna’s research involved scraping data from WhatsApp servers by matching billions of phone numbers, impacting some 3.5 billion user accounts.

Freedom Chat’s Response

Following notification by TechCrunch, Freedom Chat founder Tanner Haas confirmed the issues. A new version of the app has been released, and all user PINs have been reset as a precautionary measure.

The company is also actively removing instances where phone numbers were inadvertently visible and has implemented stricter rate-limiting on its servers to deter brute-force attempts.
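One way to build the kind of rate-limiting described above, as an added example that is not Freedom Chat's own code: a per-client budget on distinct phone numbers looked up within a sliding window, so that re-checking known contacts is free while sweeping through new numbers is cut off. The class name, limits, client identifiers and sample numbers are assumptions constructed for illustration.

```python
import time

class LookupBudget:
    """Caps how many DISTINCT phone numbers one client may look up per window."""

    def __init__(self, max_distinct=50, window_s=3600.0, clock=time.monotonic):
        self.max_distinct = max_distinct
        self.window_s = window_s
        self.clock = clock
        self._seen = {}  # client_id -> {phone_number: time of first lookup}

    def allow(self, client_id, number):
        now = self.clock()
        seen = self._seen.setdefault(client_id, {})
        # Forget numbers whose first lookup has aged out of the window.
        for old in [n for n, ts in seen.items() if now - ts >= self.window_s]:
            del seen[old]
        if number in seen:
            return True   # re-checking a known contact costs no budget
        if len(seen) >= self.max_distinct:
            return False  # too many new numbers: looks like enumeration
        seen[number] = now
        return True

def demo():
    """Constructed traffic: one ordinary client, one sequential scanner."""
    t = [0.0]  # fake clock so the demo is deterministic
    budget = LookupBudget(max_distinct=5, window_s=60.0, clock=lambda: t[0])
    contacts = ["+15550100001", "+15550100002", "+15550100003"]
    normal_ok = sum(budget.allow("client-a", n) for _ in range(10) for n in contacts)
    scan = [f"+1555010{i:04d}" for i in range(100)]
    scan_ok = sum(budget.allow("client-b", n) for n in scan)
    t[0] = 60.0  # window elapses; the scanner only earns another 5 lookups
    scan_later = sum(budget.allow("client-b", n) for n in scan[5:])
    return normal_ok, scan_ok, scan_later

if __name__ == "__main__":
    print(demo())
```

Counting distinct numbers rather than raw requests keeps ordinary contact syncing unaffected while bounding how many accounts any one client can confirm per window.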

App Store Update and Prior Incidents

In a recent app store update, Freedom Chat acknowledged the PIN exposure, stating that no messages were compromised. They emphasized that the lack of linked device support prevented access to conversations.

This incident follows a similar situation with Converso, another application previously managed by Haas, which was delisted from app stores after security flaws exposed user data.

Security Measures Implemented

  • User PINs have been reset.
  • Phone number visibility is being removed.
  • Rate-limiting has been increased on servers.

Freedom Chat maintains that user privacy remains a primary concern and is committed to enhancing the security of its platform.
