Hacker News new | ask | show | jobs
by foepys 3404 days ago
You don't really have to MITM, you could just check the logs of the DNS server that the network DHCPs to the WiFi clients for queries to Blind's IP addresses.

This doesn't tell you the content but if an employee uses the app. Make of this what you want but given Uber's previous actions I don't think they would just ignore this.
2 comments
lojack 3403 days ago
I don't use the app, but messages appear to be timestamped, that's probably enough to deanonymize many conversations.
link
slig 3403 days ago
> This doesn't tell you the content but if an employee uses the app

It appears that one has to register using a corporate email address, so it's trivial to figure out which employees are using this service.

link