Daily we come across the launch of many upgraded chatting apps. To lead the race in swadeshi style, Baba Ramdev recently has launched Kimbho chatting app which is similar to WhatsApp. Where this app was claimed to be secure, a French security researcher Elliot Alderson termed it as a “security disaster”.
Alderson tweeted that he went through the app where he is able to easily access messages of all the users. Not only this, he was also able to access the personal user ID and the phone numbers of the users using the app.
The @KimbhoApp is a copy paste of another #application. The description and the screenshots in the app stores are the same. Moreover, the #Kimbho app is making request to bolomessenger[.]com pic.twitter.com/gOKOhash5X
— Elliot Alderson (@fs0c131y) May 31, 2018
The researcher further claims that this app is the copy-paste version of Bolo app. Here he pointed out that the app description and the format for the OTP SMS for authentication for the Kimbho app were same as the one for Bolo Messenger. Thus Alderson suggests not to download Kimbho app as it has many security and other related flaws.
Alderson prompted UIDAI for issues which were related to their official Aadhaar app, OxygenOS, NaMo app, Congress app and Paytm app.
He claimed in his tweet that these apps are collecting a considerable amount of data without indicating the scope of the collection. The names of official websites like Indian Post, ISRO and BSNL are also in the list.
This @KimbhoApp is a joke, next time before making press statements, hire competent developers… If it is not clear, for the moment don't install this app. #Kimbho #KimbhoApp pic.twitter.com/wLWzO6lhSR
— Elliot Alderson (@fs0c131y) May 30, 2018
Kimbho was launched and made available to Android and iOS users free of cost from Google Play Store and Apple App Store yesterday. This app supports all from group chats to video calling.
The Patanjali app was introduced, propelling it as a challenge to WhatsApp yesterday. The company claims that in only first 3 hours of making the app live on the Google Play Store more than 1.5 lakh people started downloading. However, after the severe criticism by the French Security researcher, the app disappeared from the Store claiming that it was just a “trial” and will soon be launched.