AAPL Stock: 117.34 ( -0.96 )

Printed from

Minimal messaging app of the moment Yo hacked by college students

updated 03:50 pm EDT, Sun June 22, 2014

Georgia Tech students hack single phrase messaging service, help team fix issues

The new messaging app of the moment Yo, which sends out only the phrase "Yo" to contacts, was hacked last Thursday by a group of students allegedly from Georgia Tech, according to TechCrunch. The hack allowed the students to spam users of the messaging program, as well as send push notifications with custom text. Yo confirmed through Twitter that it was working on security issues that had been brought to the team's attention.

The messaging app, which is currently listed as the sixth most popular free iPhone app, was alerted to the hack after one of the students reached out to founder Or Arbel. Arbel confirmed that the app was having security issues, but didn't give details on the hack at the time. The Yo founder outlined the events leading up to the fix on his blog.

After receiving a text message asking if he was the founder, Arbel was spammed with "Yo" messages and issued a push notification that the app had been hacked. The Yo team went to work in an attempt to find out what had happened, closing one hole before another was addressed. During the course of the fix, the hackers emailed Arbel the details of the hack, and provided help.

The larger problem was that the database had open access from the app. This meant that anyone could read what user information was stored. However, a team came together to solve the problem, to which the hackers verified was fixed. One of the hackers is now working with the team to improve the Yo experience.

In the blog post, Arbel also highlighted one of the features of the Yo app. Since it works on such a minimum level, no information other than a user name and associated phone number were exposed as a result of the open database. The application asks for no personal information, and the information it does access from an address book Arbel says isn't stored in a database.

If a phone number was never used to find friends, only the username was exposed. However, the hack wasn't totally free of an information leak, leaving it to face similar problems applications like Snapchat have had.

Arbel admits that the app "exploded a little too soon." Before the hack, the team was working on "re-writing the infrastructure in a proper and secure way, as suitable for production-grade apps."

Yo rose through the ranks of apps based on it being a simple messaging platform. It doesn't hurt that the company received $1 million in funding from investors associated with Moshe Hogeg, according to Think Progress. Last week, Yo announced that it had seen 3.7 million messages sent in a single day. Venture capitalist Marc Andreessen thinks that a simple messaging platform like Yo has its place in a world of one-bit communication, but it may not be the next $100 billion social media phenomenon.

by MacNN Staff



  1. msuper69

    Professional Poster

    Joined: 01-16-00

    Why did Apple even allow this fart-like app into the App Store?

  1. jreades

    Junior Member

    Joined: 02-02-99

    I am, apparently, way too old to understand why anyone would want this app.

    Yo, because FB pokes[1] are too much effort.

    [1] Didn't get those either.

  1. hayesk

    Professional Poster

    Joined: 09-17-99

    msuper69, the only reason they shouldn't have allowed it on the store would be because of its poor security.

    jreades, can you imagine a scenario where one spouse says to another "call me when you leave work and I'll start dinner" or similar. The content of the message is irrelevant. And the spouse leaving work doesn't remember to call until she's already on the road. This app lets you do it very quickly and easily - much safer than a call or text message. I can think of other scenarios where you just need to send a quick message. Sometimes it's just the sending of the message that matters more than what it says.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented