Security News > 2020 > February > Cometdocs Threatens Legal Action Over Disclosure of Security Issues
Cometdocs has disputed the severity of the findings and has threatened legal action against reporters if they publish what the company considers to be inaccurate articles.
"The Cometdocs applications are transferring files without using encryption, providing bad actors the opportunity to cache and retrieve the files. Moreover, a man-in-the-middle attacker could access the files while 'sniffing' traffic on the same Wi-Fi network as the user. Because the Cometdocs apps do not use encryption when transmitting and storing files on its servers, they are allowing private information to leak into the hands of third-parties monitoring the network," Wandera said.
Cometdocs has argued that its apps comply with Apple and Google's standards regarding the transmission of data over the internet and that neither companies currently require the use of an HTTPS connection for apps offered on their official application stores.
Wandera, in turn, has argued that it has not claimed Cometdocs violated the terms of the Apple App Store or Google Play store, but that Cometdocs is not following security best practices and puts potentially sensitive information at risk by doing so.
"Wandera is a venture funded company that has raised $53 million dollars to date. Cometdocs is a small business that offers a simple, free conversion app and has exactly $0 in funding. The reality here is that the Cometdocs app uses transmission protocols that are approved by Apple and Google and are currently used by many many apps. This"security" report is not news and in the view of Cometdocs, is simply an opportunistic attempt by a venture funded company to promote themselves at the expense of a small business.