There’s a stupidly simple but tedious trick to identify your friends on Secret

Secret Hack How to Identify FriendsImage Source: The New York Times

Popular app Secret may offer you a way to publicly and anonymously share some of the things you’re really not supposed to tell or you wouldn’t want to otherwise share with others, but that doesn’t mean your identity remains concealed at all times. In fact, Wired reveals that there’s actually a stupidly simple way of tracking someone on Secret to see what they have to say.

In short, what you have to do is create a bogus contacts list to replace your actual contacts. This new list will containcontacts made up by you, and each one will be associated to its own bogus Secret account. Once you’ve done this, you then add one single contact entry (real this time) for the person you want to spy on in Secret – in total, you must have at least seven contacts, including the real one. Once that’s done, you can use Secret to spy on that person, as you’ll only start receiving secrets from that one real contact given that you control the others.

However, you can’t use this method to spy on multiple people simultaneously unless you’re using multiple handsets at the same time, each phone targeting a single person.

Furthermore, as easy as this hack sounds, Secret is already fixing it so it may not actually work by the time you get to try it. Ben Caudill, a white hat hacker, revealed the security issue to Secret by successfully testing the hack on Secret CEO David Byttow, and the company plans to address it accordingly.

Secret has further mentioned that while it tries to ensure the anonymity and safety of its users, smart hacks like this one are always possible.

“The thing we try to help people acknowledge is that anonymous doesn’t mean untraceable,” Byttow said. “Secret is not a place for unlawful activity, or to make bomb threats or share explicit imagery. … We do not say that you will be completely safe at all times and be completely anonymous.”

Source:
Wired
blog comments powered by Disqus