After a long time of suspicion, a group of researchers confirmed that Audacity, the open source software for audio editing, stores its users’ information on the system and could also be sending information to established servers in Russia, which would make it a spying tool.
According to a report by security firm Fosspot, the Privacy Policy section at Audacity was recently updated to add some changes, including a new policy for collecting users’ personal data, something that would especially impact those using macOS systems.
It should be remembered that last May Audacity was acquired by Muse Group, so since then the cybersecurity community began to speculate about a change in the way this software collects information from its users. Muse Group also operates platforms such as Tonebridge, MuseScore and Ultimate Guitar, one of the most popular websites for guitar aficionados.
Previous reports mention that Audacity collected some reports about users, including IP addresses, processor version, operating system and even some messages. Audacity maintains that IP addresses are stored in a protected manner for a year before they are deleted, something that is specified in its user policies.
The investigation seems to have discovered that the data collected by Audacity was stored in Russia, so many users fear that this data has reached the hands of third parties not expressly authorized by users. Somehow, if data collection continues without the knowledge of the people involved, users would not be able to retrieve the important information.
Another change that brought the most recent update of Audacity was the age limit for users, since before anyone could use this software regardless of their age; now, those interested in Audacity must prove that they are at least 13 years old.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.
