Skip to content
  • Northeastern team helped Match, Athenahealth apps stop leaking passwords

    BetaBoston - 02/03/2016

    The Android app from dating site Match and a physician’s drug search app made by Athenahealth featured a bug that failed to protect password and usernames, a team at Northeastern University has found.

    Both apps were among hundreds that the Northeastern researchers found sent personal information such as home addresses and names, and in some cases usernames and passwords, from smartphones to company servers without securing that data by encryption.

    As a result, any user logging into the app while on a public Wifi network — such as the free networks in cafes or airports — could unwittingly reveal their personal data to others using a simple program to watch network traffic.

    “It’s like walking around a room and eavesdropping on conversations,” said David Choffnes, a computer science professor and team lead on the project

  • Cookies on Northeastern sites

    This website uses cookies and similar technologies to understand your use of our website and give you a better experience. By continuing to use the site or closing this banner without changing your cookie settings, you agree to our use of cookies and other technologies. To find out more about our use of cookies and how to change your settings, please go to our Privacy Statement.