X May Be Causing Data Leakage From Your IPhone
It’s no secret that X, formerly known as Twitter, is a shell of its former self. Spam is rampant, verification badges mean nothing , and privacy and security have deteriorated.
While no major company likely has a perfect policy in place to protect your privacy, this is a notable issue for a microblogging site in the post-Elon Musk era. The more X employees focus on privacy and security, the more these features will begin to erode. We saw this with Circles , where an outdated privacy feature that ensured certain tweets could only be seen by a trusted group of followers inadvertently began allowing strangers to view your private thoughts. Not good. And now a new problem has arisen.
X secretly reveals your identity
The security research duo collectively known as Mysk recently discovered another X security flaw, this time involving crash reporting. This may not sound as bad as private tweets that are no longer private, but this applies to every case where an app leaks data it shouldn’t.
As Mysk notes, the iOS version of the X app offers users the option to opt out of crash reporting. When you disable this option, you naturally expect the application to remain silent whenever a crash occurs. But that’s not true: the app ignores your preferences and instead quietly shares your crash report without your knowledge or consent.
You can see this in action in the Myks demo video : They run the iOS version of the app on a Mac, showing the “Submit Crash Reports” option disabled. When they restart the app, they demonstrate that the app actually sends a crash report to Crashlytics (a Google product).
Kicker? According to App Privacy Analysis, crash reports are linked to you personally and are not aggregated. This means that whenever your app crashes—or every time you restart your app, according to the Mysk test—a report is sent to Crashlytics that is tied to your identity. (Note: It’s worth reading the app privacy breakdown for X if possible – it’s a long list of data that is either linked to you or used to track you.)
While any data leak is bad, this situation is doubly unfortunate because it happens even if you’ve explicitly told the app you don’t want it to share crash report data. ( Someone please tell the EU about this ASAP .)
How to protect X from leaking your data
At the moment, the only solution to this problem is to delete app X from your iPhone, which, frankly, is probably good advice that we all should have followed a long time ago.
[ TechRadar ]