BeReal was a late entry into the social media game but an increasingly popular one. The app — which lets users post just once daily at random times — has quickly gained steam for its contrast against highly curated, filtered Instagram and Facebook feeds. However, it gives some security experts pause. Privacy is , but BeReal stands apart from the rest. The very things that make the platform unique also pose new challenges to security. an issue with most social networks BeReal’s Privacy Features Before diving into BeReal’s privacy issues, it’s important to review its security features and protocols. These can reveal what the platform does to ensure users’ privacy, putting its potential downsides in context. BeReal’s privacy policy over their information on the site. These include being able to access what third parties the site shares data with, receive a copy of that data, and request its correction. Users can also restrict access from integrations, limit who can see their posts, deactivate time and location settings and disable features that bring up old posts. outlines six rights users have As of this article’s writing, BeReal has yet to experience a public data breach, which many other social platforms cannot say. However, that doesn’t necessarily mean the site has more advanced security features than others. It hasn’t been around or garnered as many users as others, either, so breaches could happen in the future. Privacy Issues With BeReal Despite the lack of a major breach in the app’s history, BeReal has some significant privacy shortcomings. Users must be aware of these to take more control over their security. Accidentally Revealing Information The biggest issue with BeReal lies within the site’s main selling point. When users upload on BeReal, it takes a picture with both cameras, showing the environment around someone as well as their face. While that’s great for promoting authenticity, it makes it easy to accidentally reveal sensitive information. If someone takes a BeReal selfie in front of their computer, whatever’s on their monitor will become publicly accessible. Other users could look at that to glean personal information about the original poster. They could then use that information for credential stuffing or to form more effective phishing attempts — today. the most common type of cybercrime This accidental data leakage grows even more concerning when considering users taking pictures at work. Employees could reveal trade secrets or sensitive customer information, leading to significant legal fallout. Similarly, users may unintentionally jeopardize the privacy of those around them. People in front of a user taking a selfie may not realize they’ll be in the picture, too. Users could then post them or any personal information on their screens without their knowledge or consent. Extensive Data Collection BeReal’s data collection policies are also less than perfect. Most social media sites collect and share more information than users realize, and BeReal is no exception. According to its privacy policy, it stores names, locations, birth dates, IP addresses, phone numbers, web activity and more. After collecting all of this potentially sensitive data, BeReal stores it for a considerable period. The site keeps many data categories for and reserves the right to hold onto some information indefinitely. In many cases, the only way to delete this data is for users to delete their entire account. up to two years Specifics about how BeReal protects this data aren’t publicly available, but they say authorized employees can access it. Depending on their internal controls, that could expose this information to breaches from employee error. Over come from weak credentials, so something as simple as a poor password could grant an attacker access to all this data. half of data breaches Weak Default Controls Like any social media site, BeReal lets users customize their settings to improve their privacy. However, the platform’s defaults are the least secure option. Even though users can change these settings, having to take the extra step to do so can be enough to dissuade them from it. Geolocation is a prime example. The site automatically uses location services and shares locations when users post as part of its mission statement of authenticity. While sharing this information does promote openness, that openness reveals more data to potential attackers than users may be comfortable with. Some users may not realize they can disable geolocation or restrict who can see their posts. As a result, many may accept a lower standard of privacy out of convenience or lack of understanding. How to Use BeReal Safely These security shortcomings are significant, but many aren’t unique to BeReal, either. All social media involves some amount of sacrificed privacy, but with the right approach, users can enjoy it safely. BeReal is the same. Look Around Before Taking a Picture The most important step in using BeReal safely is to be aware of one’s surroundings when posting. Users should look at what’s behind and in front of them to ensure nothing sensitive is in the shot. If users are in front of a computer screen, especially at work, they should turn it off before taking a picture. It’s also best to review pictures before posting them to ensure they didn’t accidentally capture anything sensitive. Users a user took before posting, but BeReal won’t save the pictures themselves, apart from the final upload. If users want to be extra safe, they can clear their cache after retaking pictures but before uploading. can see how many retakes Know Your Rights and Controls Next, users should familiarize themselves with BeReal’s privacy policy and the options it gives them. Changing defaults to disable geolocation and restricting post visibility to only friends are good first steps. Opting out of data-sharing with third parties and integrated apps is also another recommended action. If any information BeReal asks for is optional, it’s best not to share it. The less users share, the less they have to lose in a data breach. That step is a good rule of thumb for any web service, not just BeReal. BeReal Presents Significant Risks If Used Improperly BeReal’s extensive data collection, weak defaults, and high risks of accidentally capturing sensitive information can pose serious risks. However, if users are aware of these shortcomings and consider them when posting, they can use the site safely. Compared to other social media sites, BeReal may be slightly less private because of the nature of its posts, but it’s not necessarily dangerous. As long as people know to check their surroundings and adjust their settings, the app doesn’t have to be a risk.

The is an opinion piece based on the author’s POV and does not necessarily reflect the views of HackerNoon.

5 Tech Best Practices for Smooth Business Transition

How to Improve Your Omnichannel Customer Experience

Portfolio

Nominated for 2022 - HackerNoon Contributor of the Year - Data Security

How Secure Is BeReal?

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

10 Common Scams Targeting Healthcare Workers

Windows Sticky Keys Exploit: The War Veteran That Never Dies

06/02/2018: Biggest Stories in the Cryptosphere

0-Days are on the Rise and that Means a Lot More Work for SOC Teams

Time Bombs Inside Software: 0-Day Log4Shell is Just the Tip of The Iceberg

The Noonification: How the Liver Transplant System Changed Forever (11/25/2023)

10 Common Scams Targeting Healthcare Workers

Windows Sticky Keys Exploit: The War Veteran That Never Dies

06/02/2018: Biggest Stories in the Cryptosphere

0-Days are on the Rise and that Means a Lot More Work for SOC Teams

Time Bombs Inside Software: 0-Day Log4Shell is Just the Tip of The Iceberg

The Noonification: How the Liver Transplant System Changed Forever (11/25/2023)

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps