TADHack Paris Part 3 on #vuc583, Friday 4th March 1800 CET

VUC #583On Friday 4th March we’ll have part 3 of TADHack Paris winners on #vuc583. Rianne Goijarts (Goija), Steven Bakker (DesignTotal.nl), Adam Kalsey (Cisco), Tim Panton (Westhawk), and Johannes Ruetschi (Unify) will explain their hacks, share their experiences and discuss topics around telecom app development.  We’ll also give a quick update on TADHack Japan held over Valentines weekend, and what we have planned for TADHack London in April and TADHack Montevideo in May.

The VoIP Users Conference is a weekly live discussion about VoIP, SIP, Asterisk and all kinds of telephony-related topics. It is hosted by Randy Resnick and runs every Friday at 1800 CET. The conference has been running weekly since March, 2007. In 2012, Google Hangouts were added. You can watch the latest one live or recorded on this page. Via SIP you can access on wideband g722 sip:vuc@vuc.me or call over the good old PSTN using this number +1 (646) 475-2098.

Rianne and Steve will review WhatsSpy Public (not to confuse with WhatsSpy) is an web-oriented application that tracks every move on WhatsApp of whoever you like to follow (by only knowing their phone number). This application is setup as an Proof of Concept that WhatsApp is broken in terms of privacy. It keeps track of the following activities:

  • Online/Offline status (even with privacy options set to “nobody”)
  • Profile pictures*
  • Status messages*
  • Privacy settings

* only if privacy option is set to “everyone” (set by default)

This hack creates a script to access the 1000 million active accounts (Feb ’16, likely >1.1B accounts in total)  using telephone numbers. The above data could be sold onto spammers and on the black market of app developers.

As long as you have a phone number you can find out the details of the Whatsapp account associated with that number. So you can search through Whatsapp quite quickly and easily.  The aim of the hack was to create awareness about security holes and privacy problems when there is no opt-out for the collection of personal data. We only show the first half of the presentation where no personal data was presented. The rest of the presentation can not be shown as surprisingly sensitive personal data of Whatsapp users was presented.

Jean-Luc Nguyen, who is backpacking around rather remote parts of Asia so can not join us in person so Johannes from Unify will cover his hack, in just 24 hours did an amazing job with CrowdSalers using Circuit to create a module that can be plugged on any marketplace product page to allow customers to interact with other customers and product specialists via text, voice and video chat. Its used many of the Circuit API capabilities including presence, and all created in 24 hours.

Tim Panton created a hack called “Remote-Monitor” that remotely monitored an IoT resource on both a smartphone with a neat QR code authentication and for multiple devices to a Cisco Spark room (IM), but only when the device was recording out of band data. Tim had the classic WiFi challenges of IoT hacks, but he debugged and got it working while presenting – impressive. He also created a video of his hack to make it easier to see.

#vuc 583