Microsoft News

Microsoft issues security advisory affecting all versions of Windows, Windows Phone

General News

UK government set to rush through emergency surveillance legislation

General News

UK officials follow US counterparts by banning electronics that have no charge from boarding flights

Microsoft News

Microsoft restores control of seized domains to No-IP

Windows 8 Apps+Games

1Password for Windows gets much needed 4.0 update

Editorials

Using strong passwords and keeping your online self secure

General News

First smartphone 'kill switch' bill in the US passed by… Minnesota

Apps

Secure your passwords and critical information with Enpass Password Manager

General News

Bitly alerts users of widespread account compromises, claims no accounts have been accessed

Apps

John McAfee's Chadder aims to keep your messages private, lands on Windows Phone before iOS

Windows

Microsoft issues security patch for Internet Explorer

Microsoft News

Microsoft issues warning about limited, targeted attack vulnerability in Internet Explorer

Windows

Windows 8.1 Update 1 enterprise rollouts slowed due to security bug

How To

Get secure by encrypting your PC with Microsoft BitLocker for Windows 8 Pro

Microsoft News

Microsoft Store giving away $100 credit; simply trade up your Windows XP dinosaur (US and Canada Only)

Microsoft News

Microsoft says it's really time to dump Windows XP thru this clever infograph

Editorials

So, you want to adopt BYOD?

Microsoft News

From a Bill Gates memo to an industry practice: The story of Security Development Lifecycle

Apps

The best messaging apps on Windows Phone

Microsoft News

Microsoft to fix Internet Explorer vulnerability along with other system exploits next week

1

Kik Messenger communicating without SSL

While nothing to be fearful about, I wouldn't recommend sending your bank account number and sort code via Kik Messenger for Windows Phone anytime soon, not that you would anyway. While the user's password is sent either hashed or encrypted, it's reported that Kik is sending user email addresses and messages in clear-text, viewable by any middle man, over an open connection (i.e. unsecured WiFi).

Mike Cardwell, a well established IT specialist, reported a year ago how Kik was insecure with Blackberry, Android and iOS. Kik has since resolved these issues this year and have commented on an article over at Within Windows covering the WP7 client:

 "Hi Rafael, Corry from Kik here. Thanks for your analysis.We are aware of this issue and plan to add WP7 message encryption in a future release. We want to reiterate that the password is not being sent in clear-text, and that our Android and iPhone clients feature full SSL encryption (login info + messages), as Mike Cardwell mentioned in his comment."

At least our passwords are safe, although we do recommend using multiple passwords for your online accounts, especially between social networks and e-commerce sites. Hopefully security will be added for emails and messages in Kik at some point in the near future. Use over 3G should be fine since the signal is encrypted.

Source: Within Windows and Mike Cardwell, thanks insi for the tip!

1
loading...
0
loading...
11
loading...
0
loading...

Comments

There is 1 comment. Sign in to comment

4UrEyezOnly says:

There are several apps that are "light" on some of those basic measures for secure messaging - not good for the free wifi locations. Compare to the 4UrEyezOnly app which provides DRM communications and additional features