Clubhouse takes site offline where users could listen in without login

Chatapp Clubhouse took a site offline with which a user offered audio streams of conversations in Rooms on the platform. This allowed users to listen in via the web without a login.

This made it possible to listen in on Clubhouse from desktops and from Android phones, for which there is currently no Clubhouse client. The chat app tells Bloomberg that it has taken new security measures to prevent someone else from setting up such a site again.

The client allowed non-logged in users to listen in on Rooms and record conversations. That’s against the terms of the app. The user who made it possible has been permanently banned from Clubhouse.

The site is no longer working, but the code is still available on Github. This shows that the software relies on reverse engineering of the way the app communicates with Agora, the Chinese supplier of the back-end of the American chat app. This is partly due to the work of another developer who made a variant of a web interface for Clubhouse under the name Hipster.house. The web client didn’t seem very scalable: Rooms were accessed through the developer’s personal account.