Italian team discoveries flaw in Ruzzle protocol, serious menace to privacy
Apr 02, 2013
We are in digital era, everything is connected to the large networks and applications benefit of even more complex devices that deeply interact with owner, in this scenario security requirements assume a crucial importance and security of overall architecture also depend on security of single components. In these months mobile users have gone crazy for a simple video game named Ruzzle , developed by the Swedish gaming company MAG Interactive, available for iOS and Android devices. The game mechanism is inspired by the board games Boggle and Scrabble. Early 2013 the researcher at Hacktive Security started a study on most spread mobile applications such as popular Ruzzle focusing on the protocol implemented and possible repercussion on user's privacy. Ruzzle protocol use Json for response within a user's session, security analyst discovered that is it possible to tamper them due the absence of control on server side on data sent by the application. The leak of data va