Jun 20th, 2014


When I first read about Yo, all I could do was execute one of the biggest facepalms in my life. Here was this app that, with no rhyme or reason, allowed you to send your friends a simple message: yo. Yo. It’s like the Hodor keyboard all over again.

“Why are these stupid apps becoming a fad,” I asked myself, wondering if the development gods were playing a trick on all of us. No offense to the developers of said apps if this is their way to practice coding, but if that were the case then these things should even be anywhere near Google Play.

I personally didn’t bother downloading it, and boy am I glad I didn’t. It’s been found that the app has already been exploited by a group of college students. The exploit allows them to view any phone number associated with any username, and can allow the hacker to spoof messages through the app.

It’s not a terribly large concern considering “yo” is the only message you can send, but having your phone number outed for anyone to see isn’t the most pleasant thing in the world. The developer claims to have knowledge of the exploit and hopes to push out a fix within the next few hours to address it, but who knows how many other holes there are in this incredibly simple app where security seems to have been an absolute afterthought.

Yo reportedly began as an April Fool’s joke, and we wouldn’t have thought it to be anything else if it’d actually come out as intended. But some investors felt the experience was so revolutionary that it warranted over $1 million in funding. All I can say to that is: where do I sign up for some beginner’s courses in Android development?

[via TechCrunch]