“We’re the face-to-face social network bringing friends together for live video hangouts. Now, with the Heads Up! game available in app, we’re introducing a new way for users to spend time together.”
“Houseparty only works when people are online together. There’s no liking, commenting, or scrolling. Instead, the Houseparty experience brings empathy to online communication by requiring in-the-moment conversations and facilitating casual “drop-ins” from friends.”

The idea is great! Imagine Zoom but without calls or conferences or even meetings. It’s like going to your local bar and checking out who is there. No booking, no specific time, just shit and the giggles!. So let's party, right?

Sadly, not so fast! There have already been reports of hacks after using Houseparty!

b.b (@benoobrown)
⚠️ Heads up if you’re using the houseparty app ⚠️

Which was quickly reported as a smear campaign against the app.

Houseparty (@houseparty)
We are investigating indications that the recent hacking rumors were spread by a paid commercial smear campaign to harm Houseparty. We are offering a $1,000,000 bounty for the first individual to provide proof of such a campaign to bounty@houseparty.com.

Let’s believe it was and go with facts!

Houseparty contacts and submits data to Facebook, which includes your Google-Advertiser-ID, your Apple ad ID and also checks if you have Ad-Tracking enabled.

Thanks to the Google-Advertiser-ID getting transmitted to Facebook, they can then add you directly to their Shadow profiles or, of course, pick up your profile if you have an active Facebook account. Facebook also gets your cellphone model, your internet or mobile provider and, of course, your IP address and timezone.

Read here why this should be a worry:

EXPOSED! Facebook - What the Zuck is he up to now?
> Take in all of a subject’s experience, from phone numbers dialled and e-mail messages viewed to every breath taken, step made and place gone A quote from the LifeLog wiki. Talk about coincidences. On the same day that Facebook was founded, the Pentagon killed off the LifeLog project. But was it j…

During signup to Houseparty you will be required to submit the following:

  • Email address
  • Username
  • Password
  • Date of Birth

This is then submitted via the server *secrethouse.party, which checks to see if you already have an account, and at the same time also submits information on ALL APPS you have installed on your device. You know...just in case!

Next, you need to submit your telephone number “just to be sure you are not a bot”

“Please verify your phone number so we know you are a real person"

You can SKIP this, which is good, although most people probably won’t, but the option is there.

Next step is connect contacts

Here you allow Houseparty to have access to your local address book, which allows it to extract all the names, addresses, emails and telephone numbers there as well as any other information such as birthdays etc.

Next you will be asked to Connect Facebook. You can bypass this by pressing SKIP!

The good news (for Facebook not you) is that this information, including your skips, are still permanently recorded by Facebook at graph.facebook.com

Check out how you can block this kinda behavior with simple Ad and Bad traffic filters here:

Privacy Cookbook - Chapter 3 - Ad and Bad traffic filtering
​The internet is one scary place. Most people wouldn’t know that as they go to their favourite website that they have no idea what else is connecting to their device. I have a crazy example: my Samsung Note 10 had most of the requested connections coming all day from Samsung.com.cn and from Baidu.co…

Next is permitting Houseparty to access your camera and your GPS location...

I believe that that is about almost all you need to say and know about Houseparty, however, there is no final surprise in store for you!

The Houseparty app has no end-to-end encryption, whatsoever! That means all your communications within it are completely unprotected. Just like zoom ;)

Enjoy the party but don't live to regret the consequences of going along!

For safe alternatives to the current crop of vid conf messengers, check out the next Chapter of the Privacy Cookbook which we are bringing forward to tomorrow.