Security vulnerabilities in the Freedom Chat application revealed users' phone numbers and PIN codes
Freedom Chat Addresses Security Vulnerabilities Exposing User Data
Freedom Chat, a messaging platform launched in June and marketed as a privacy-focused app, recently resolved two significant security issues. One flaw made it possible for a researcher to deduce users’ registered phone numbers, while another exposed user-created PINs to others within the app.
Despite Freedom Chat’s assurances that phone numbers remain confidential, security expert Eric Daigle discovered that both phone numbers and PINs used to secure the app were accessible due to these vulnerabilities.
Daigle identified these issues last week and provided the details to TechCrunch, noting that Freedom Chat lacks a public channel for reporting security concerns. TechCrunch subsequently informed the app’s founder, Tanner Haas, about the problems via email.
Haas confirmed that all user PINs have been reset and a new app version has been released. He also stated that the company is working to eliminate instances where phone numbers might be visible and has implemented stricter rate limits on its servers to deter automated guessing attempts.
According to Daigle, who documented his findings in a blog post, he was able to enumerate nearly 2,000 phone numbers belonging to Freedom Chat users since the app’s debut. The app’s servers permitted mass guessing of phone numbers, revealing whether a number was registered.
This approach mirrors a method described in recent research by the University of Vienna, where academics matched billions of phone numbers against WhatsApp’s servers to collect data on approximately 3.5 billion accounts.
Daigle also discovered that Freedom Chat was inadvertently leaking users’ PIN codes. By monitoring network traffic, he observed that the app would return the PINs of all users in the same public channel, even though these PINs were not visible within the app interface.
He explained that anyone in the default Freedom Chat channel—automatically joined by new users—had their PIN shared with every other member. This exposure could potentially allow someone to unlock the app on a stolen device using the revealed PIN.
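The PIN exposure described above is a case of a server returning whole stored user records where only public fields were needed. As an added illustration (not code from Freedom Chat or from Daigle's write-up), the sketch below shows an allow-list projection for channel members and a recursive audit that a backend test suite could run over response bodies; the field names, the response shape and the sample records are all assumptions constructed for the example.

```python
import json

# Assumed field names: the article does not give the real response schema.
SENSITIVE_KEYS = {"pin", "pin_hash", "phone", "phone_number"}
PUBLIC_MEMBER_FIELDS = ("uid", "display_name")

def public_member_view(record):
    """Allow-list projection: copy only the fields other members may see."""
    return {k: record[k] for k in PUBLIC_MEMBER_FIELDS if k in record}

def find_sensitive_fields(payload, path="$"):
    """Walk a decoded JSON payload and return the path of every sensitive key."""
    hits = []
    if isinstance(payload, dict):
        for key, value in payload.items():
            child = f"{path}.{key}"
            if key.lower() in SENSITIVE_KEYS:
                hits.append(child)
            hits.extend(find_sensitive_fields(value, child))
    elif isinstance(payload, list):
        for i, item in enumerate(payload):
            hits.extend(find_sensitive_fields(item, f"{path}[{i}]"))
    return hits

# Constructed sample records standing in for rows in a user store.
STORED_MEMBERS = [
    {"uid": "u1", "display_name": "alice", "phone": "+15555550101", "pin": "000000"},
    {"uid": "u2", "display_name": "bob", "phone": "+15555550102", "pin": "111111"},
]

def channel_response_leaky(members):
    """Serializes stored records as-is, so hidden fields reach every client."""
    return {"channel": "default", "members": list(members)}

def channel_response_fixed(members):
    """Serializes only the allow-listed view of each member."""
    return {"channel": "default", "members": [public_member_view(m) for m in members]}

if __name__ == "__main__":
    for build in (channel_response_leaky, channel_response_fixed):
        body = json.loads(json.dumps(build(STORED_MEMBERS)))  # as sent on the wire
        print(build.__name__, find_sensitive_fields(body))
```

Fields that the client interface never renders are still readable by anyone inspecting traffic, so the audit has to run on the serialized response, not on what the app displays.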
In a recent app store update, Freedom Chat addressed the incident: “A critical reset: A recent backend update inadvertently exposed user PINs in a system response. No messages were ever at risk, and because Freedom Chat does not support linked devices, your conversations were never accessible; however, we’ve reset all user PINs to ensure your account stays secure. Your privacy remains our top priority.”
This is not Haas’ first messaging app. His previous project, Converso, was removed from app stores after security flaws were found that compromised users’ private messages and content.