Clubhouse is an invite-only audio chat room app. Users can listen to live audio streams from virtual chat rooms and even join in discussions if the moderator allows it. At just over a year old and with 2 million users, including some of the world’s greatest minds, it's easy to get caught up in the excitement. However, the app hasn’t managed to seduce privacy and security experts in quite the same way.
From Chinese servers to contact sharing, we dissect Clubhouse’s security misdemeanors to help keep you safe.
A month after the app’s release, a user was discovered streaming audio feeds and metadata from multiple rooms to another website. Admitting the “data spillage” in an interview with Bloomberg, Clubhouse said that this violated its terms of service, banned the user, and added safeguards to stop this from happening again. How safe those safeguards are is impossible to say at this stage.
Clubhouse is invite-only. Once you manage to join, you can invite two other people. But there’s a catch. You have to give Clubhouse access to all your contacts to invite others.
Not everyone in your contact list is a trusted friend. It could include your previous boss, a bad ex, your hairdresser, business associates, or, if you’re a journalist, confidential sources. When you give an app access to a contact, not only are you telling the app that you’re connected to them, but you’re also telling the app that they are connected to you.
While granting an app access to your contacts isn’t big news, it poses some privacy issues:
When you hear the words “plaintext” and “data” in one sentence, it’s rarely a good thing. Combine that with certain governments that prosecute citizens for opposing speech, and you have a recipe for disaster. Clubhouse audio messages leave no public record after the speech occurs, but the SIO discovered that users’ unique Clubhouse ID numbers and chat room IDs are transmitted in plaintext (unencrypted) to servers operated by Agora, a China-based company. What does this mean?
Agora provides the “real-time voice engagement” part of Clubhouse. It transmits user data via Chinese servers to the rest of the world. Agora acknowledged that it would be required to support PRC law, including the oath to protect national security and aid criminal investigations by supplying user data. Since Agora claims they don’t store any user audio or metadata (except to monitor network quality), users are reassured. Partially. Given that SIO observed unencrypted room metadata being relayed to servers hosted and managed by China, the Chinese government can collect this information without even accessing Agora’s networks.
Researchers have discovered a flaw within Clubhouses’s backend infrastructure that could let hackers extract audio chat from the Agora API without having to use the Clubhouse app. Agora does not mix the audio from speakers into one track — each speaker is assigned an audio track containing metadata like their unique user ID. It's also likely that Clubhouse IDs can be connected to user profiles, which means that your data could be harvested, including your phone number, the subjects you’re interested in, and who you’re talking to – not ideal in countries where certain speech is punishable.
Is your audio data safe with Clubhouse? That depends on where it’s stored, how long it’s stored for, and whether your voice ever gets cloned.
How long is Clubhouse audio data stored for?
Where is Clubhouse data stored?
Can your voice be cloned from Clubhouse?
Voice notes are overtaking text, podcasts have the same demand as video, and forums like Reddit and comment sections are blowing up. Clubhouse is the natural next step for social media and a refreshing reprisal from a society soaked in images.
Now, you can drop into a live conversation about a new medical insight or talk to a researcher who is one of the best minds in their field. It’s great to hear that Clubhouse is operating a bug bounty program with HackerOne to weed out security holes. But what we also need from Clubhouse is a better managed outlet for discussion with tighter privacy controls. Clubhouse is still in beta mode, which is why we should demand privacy now instead of boycotting it later.
Want to read more like this?
Get the latest news and tips from NordVPN