Bing unsecured backend server exposed mobile users' devices, searches, and location

8 months ago by IanDorfman

Microsoft's search engine competing with the likes of Google is currently not the best choice for privacy-minded mobile device users, as its Android and iOS app both use an unsecure server to process queries that is potentially leaking personally identifiable information.

In a report published by the independent review site WizCase, this information leak from an unsecured backend server powered by Small elasticsearch iconelasticsearch includes the following data:

• Search Terms in clear text (excluding the ones entered in private mode)
• Location Coordinates
• Exact time the search was executed
• URLs the users visited from the search results
• Phone or Tablet model and operating system
• 3 separate unique ID numbers assigned to each user

During the course of their investigation, the WizCase team discovered predators searching for child pornography (both search terms and the URLs clicked), weapons and disturbing murder-related search terms, and more across the 6.5 terabyte server that accumulated as much as 200 gigabytes of data daily. Bad actors and unethical hackers could easily use this information for blackmail, phishing, or even physical attacks like robbery.

If you're using Small Microsoft Bing iconMicrosoft Bing on your Small Android iconAndroid or Small iOS iconiOS smart device, consider changing to an alternative such as Small DuckDuckGo iconDuckDuckGo that's also available in mobile app form and is much more conscious of your privacy and managing your search data.

Further coverage:
WizCase

Microsoft Bing

  • FreeProprietary
  • Windows
  • Online
  • Android
  • iPhone
  • Blackberry
  • Windows S
  • Windows Phone
  • iPad
  • Blackberry 10
  • Xbox

Bing (formerly Live Search, Windows Live Search, and MSN Search) is the current web search engine (advertised as a "decision engine") from Microsoft.

145 likes 77 Alternatives

❯ Alternatives to Microsoft Bing