comScore
Uncategorized Tuesday, March 29th 2011 at 11:06 am

Never Alone: Trick Shows Any Photo in Color App, Anywhere

By ( ) Comments

With some dead-simple geolocation trickery, users can see any photos being uploaded with the Color photo sharing app without leaving the comfort of their own home. Chris Wysopal, the chief technology officer with Veracode, announced via Twitter that he had discovered the issue last Thrusday.

Here’s how it works: Color bills itself as a social photo app, allowing users to see photos being taken by those around them thanks to the GPS data it pulls from the phone. By setting the phone’s location data to another position, a user can view the photos being uploaded around a different location.

Using an app called FakeLocation installed on an jailbroken iPad, Wysopal changed his tablet’s perceived location and then fired up Color. Without a hitch, the photostreams from far away areas loaded up. Wysopal told Forbes that this trick could be used to spy on celebrities, with paparazzi letting adoring fans take the photos for them, then swiping them off of Color.

As the ‘hack’ has become public knowledge, Color’s response has been one of ambivalence. When talking with a Forbes reporter, Color spokesman John Kuch dismissed concerns saying, “it is all public, and we’ve been very clear about that from the very beginning.” In fact, all the content on Color is completely viewable to anyone — comments between users included. Moreover, Color’s creators had hinted about adding a “peeking” function that would allow users to see far-flung photostreams with some limitations, essentially what Wysopal’s work around does.

Though this doesn’t seem to pose much of a threat to personal security, it is a bit creepy. Color is all about photos of a shared experience, and it’s unnerving for an outsider to be in on that experience.

While this trick may be trivial, it lowers some of Color’s cache in my mind because Color cannot enforce the rules that make it unique. Like Twitter, Color is based on arbitrary rules which made it fun: Twitter only allows you to use 140 characters, and Color only let you see the photos of those around you. Like a game, it’s the rule that make it interesting, and hopefully Color will work to keep their app unique.

(via Forbes)

Filed Under |
  • http://www.facebook.com/profile.php?id=1482006251 Lasse Henden

    “By setting the phone’s location data to another position, a user can view the photos being uploaded around a different location.”

    Can someone explain what this means – in english? I’ve read about this app in ten different sites, in half a couple of languages. What the paper, sissy, loo does this app really do?!

  • http://the-w.com/ CRZ

    When you are somewhere with your phone, Color would bring up photos that were taken close to your somewhere. The idea is “somewhere” is “where you are right now, as reported by the GPS in your device.”

    What they’re saying is (and I anxiously await correction if I’m wrong): If you cheat and bypass your GPS by using some program to set “somewhere” to “somewhere else, not necessarily where you are at the moment,” then the pictures Color would show you would be the ones taken close to THAT “somewhere (else)” …instead of where you actually are.

    Does that make sense?

    (Max: Did you mean “cachet?” Because I reckon Color uses the same amount of cache no matter what you think of it. ;-) )

  • http://www.facebook.com/profile.php?id=1482006251 Lasse Henden

    Thank you, and no – I’m a slow learner. It seems this app makes me see pictures from other people taken at the same location I am? Why would I be there if I can see it in a picture? I got to be wrong. Please tell me I am. (anyways thanks for answer:)

    What I am thinking now is:

    “If you cheat and bypass your GPS by using some program to set “somewhere” to “somewhere else, not necessarily where you are at the moment,” then the pictures Color would show you would be the ones taken close to THAT “somewhere (else)”

    I am so faking my own jumping of a bridge with this program? I can fake pictures of myself being shot by policemen at the spot I am, and then others will see the pictures when they walk by? Is that how this work?

  • http://the-w.com/ CRZ

    “It seems this app makes me see pictures that other people has shoot at the same location I am?”

    You got it!

    “Why would I be there if I can see it in a picture?”

    Well, see….not only are YOU there, but NOW you can meet complete strangers who are ALSO there! And yes, when I put it THAT way, it sounds kinda……yes.

    I don’t know about your hypothetical scenarios but they sound too hilarious not to try them.

    (I actually can’t use Color because my phone isn’t new enough, so I am doing a bit of guessing here.)

  • http://www.facebook.com/profile.php?id=1482006251 Lasse Henden

    Well, I’m color blind, so join the club.