Secret Contacts+ 1.0 for iOS
by Berislav Kucan - Friday, 8 March 2013.
Secret Contacts+ is a fresh iOS application that appeared in the App Store a couple of days ago. The developers at Youxel have recently launched a whole set of new security enhanced apps that wrap around standard iOS applications such as Contacts, Notes, Reminders and Photos. I suppose all of them are brand new as they don't even appear on the developer's web site.

Secret Contacts+ enables you to manage a completely private contact list. You can either add new contacts or copy the ones from your current contact list. I don't see any point for the latter except in the situations when you are completely migrating from the current address book to a completely secretive one.


The application sports a simple interface. Upon starting the application the user needs to authenticate through a stylish pattern lock with a honeycomb theme. This is a pleasant addition, as most of the apps I usually buy concentrate on PIN authentication procedures. Secret Contacts+ can also be setup to use the PIN input process or a classic pattern lock with typical 3x3 dot structure.

Upon setting the authentication method you are urged to setup a backup e-mail address and a Q&A combo to be used if you forget your login pattern. Unfortunately, this screen comes with a couple of visual bugs where the alert popup saying "Restore changes saved" occurs three times in a row - presumably one for each of the fields you need to fill. Furthermore, building upon this bug, if you type in a valid email address and fill the Q&A fields with just four characters each, you'll get a confusing combination of both errors and "Restore changes saved" alerts.

The "forgot pattern" process linked from the main authentication screen features a display bug, as well as some spelling errors. The app is still in its infancy, but even a 1.0 version of a such a simple application shouldn't have this type of issues.


Adding new contacts and importing existing ones from the address book works flawlessly. But you must know and keep in mind that when you call someone from inside the app, you are actually "forwarded" to the iOS native phone dialer, so your secret numbers (not names) will appear in the recent call list.

Here's another bug - open the app, successfully authenticate from your first try, hit the iPhone home button and try starting the app again. It will crash immediately.

The app features four themes that can be used to optimize your GUI interface. Two of the themes with brighter background colors are practically useless as the font colors could make some screens really tough to read.

Secret Contacts+ 1.0 sports a couple of interesting security options. It enables you to create a fake account inside the app, with a different set of contacts.

The other valuable addition is the intrusion report section where the app takes a photo of the person who entered three consecutive wrong login patterns. The photo process is transparent and it sometimes records a couple of photos at the time - in most cases one good photo is followed by a couple of darker or completely black ones.

This app, like majority of the others on the App Store, will probably find its user base, so I hope the developers will soon fix all the quirks. Secret Contacts+ 1.0 has a price tag of $1.99.



Spotlight

Intentional backdoors in iOS devices uncovered

Posted on 22 July 2014.  |  A researcher has revealed that Apple has equipped its mobile iOS with several undocumented features that can be used by attackers and law enforcement to access the sensitive data contained on the devices running it.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Jul 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //