Popular app for kids Musical.ly does not use encryption on uploads

Musical.ly, the app that is popular among children with which they can make short music videos, among other things, does not use encryption. So when a user uploads a video on a public Wi-Fi network, it can easily be intercepted by third parties.

The news is apparent from practical research by the NOS, which intercepted some Musical.ly videos on the wifi of a campsite as a demonstration. The broadcaster used the Wireshark software for this, which in its own words made it ‘easy’ to get hold of the recordings. Also, it makes no difference whether a Musical.ly account is private or public. Schellevis further adds to the story by stating that other parts of the app’s communications are encrypted, making it unlikely that the developers are unaware that the audio and video are being sent unencrypted.

Musical.ly is quite popular among children, according to the NOS. There is therefore a risk that films not intended for public use end up in the hands of pedophiles. While there are no specific numbers on users’ ages and where they are located, the Play Store shows that the app has reached 50-100 million installs.

The NOS contacted the developer of the app at the beginning of last Friday to ask for a solution, but he did not respond before the item went online on Saturday evening. For now, users can only temporarily solve the problem by not using the app on public wireless networks. However, if a malicious person is on the same secured Wi-Fi network with his target, the same risks apply. Using a VPN would also work.