Hacker Newsnew | comments | show | ask | jobs | submitlogin

If I were running one of these apps I have to say I would be terrified of being hacked. There will be a lot of explicit pictures exchanged between couples, including teens and a lot of people who will spend a lot of effort to get those photos behind their paywall.



Femi from Hipmob here: security is indeed a concern. There was a recent chain of stories around issues with the authentication of a couple of mobile messenger apps.

We've approached it from a couple of directions: we use TLS everywhere and we don't use any phone-specific identifying information (no IMEIs, phone numbers or anything of that nature). For advanced usage we also allow every single connection to the platform to be authenticated by the host application: if the user authenticates themselves to your servers you can generate a security token that you pass to the app and your app passes to our libraries. This verifies that you authorized the connection. We make that an option the developer can choose to use (or not): let us know if you think of any other scenarios that you think need additional care.

-----




Guidelines | FAQ | Support | API | Lists | Bookmarklet | DMCA | Y Combinator | Apply | Contact

Search: