Clubhouse bugs allowed users to appear to vanish from rooms yet still participate in their conversations without the permission of room creators, according to cybersecurity researcher Katie Moussouris in a Wired report. Moussouris described the issue as a twofold nightmare scenario. One problem led to what Moussouris calls a "Stillergeist" issue, which allowed some users to eavesdrop on rooms without the knowledge of creators.
The other problem was "Banshee Bombing," in which users could verbally harass rooms by invisibly joining the speaker panel. This made it impossible to remove the user from the room, since their profile could not be seen or tapped on. The security researcher shared screenshots with Wired, which showed her in a Clubhouse room with a Wired reporter without her avatar appearing. For a platform that is struggling with fake Android copies, privacy problems, and inflammatory rhetoric, it's just another headache for the iOS-only service to handle.
The problem’s since been fixed — According to Moussouris, the issue with phantom eavesdropping and "Banshee Bombing" took place in March and it has since been fixed. She told Wired that she honored the 45-day disclosure period she offered Clubhouse to fix the hiccup before she went public with the information.
A spokesperson for the audio-only app stated, "We appreciate the collaboration of researchers like Katie, who helped us identify a few bugs in the user experience and allowed us to swiftly address those to remove any vulnerability before any users were affected. We welcome continued collaboration with the security and privacy community as we continue to grow."
Despite the issues being resolved now, critics worry that Clubhouse's attitude toward these problems is lackadaisical and could harm users. Researchers theorize that this halfhearted approach to rectifying platform woes exists because Clubhouse does not have the incentive to sincerely care about user privacy. If the firm wants to continue dominating the audio-only app space, it should consider a serious appraisal of its infrastructure before it’s too late. Of course, the way things are going, it might not have to… people might simply stop using it as they’re able to return to bars and clubs and restaurants and eavesdrop on — or engage with — people instead.