teknolojiarsivi.com
teknolojiarsivi.com July 17, 2018


WhatsApp Security Open To Snoops

14 January 2018, 12:16 | Harold Aguilar

WhatsApp messages are heavily encrypted but German researchers have found a vulnerability in group chatsReuters

WhatsApp messages are heavily encrypted but German researchers have found a vulnerability in group chats

Anyone who controls the app's servers could insert new people into private group chats without needing admin permission.

According to a report in Wired.com, the cryptographers from Ruhr University Bochum in Germany announced this at the "Real World Crypto Security Conference" in Zurich, Switzerland, on Wednesday.

It is not the first serious vulnerability that researchers have discovered on WhatsApp's messaging platform, with security firm Checkpoint uncovering a loophole previous year that allowed hackers to completely take over users' accounts and access conversations, contact lists, photos, videos and other shared media.

Once a new person is in, the phone of each member of that group chat automatically shares secret keys with that person, giving them full access to all future messages, but not past ones.

The other participants will get a notification about a new user joining the group, but they have no way of knowing whether the new member was invited by the administrator (s).

German researchers have claimed there is a way to infiltrate WhatsApp's group chats and listen on private messages, despite its end-to-end encryption. All group members will see that the attacker has joined. The same security flaw also affects Signal and Threema messaging apps, but not to the degree that WhatsApp is affected according to researchers.


But they told the researchers the group invitation bug they'd found was merely "theoretical" and didn't even qualify for the so-called bug bounty program run by Facebook, WhatsApp's corporate owner, in which security researchers are paid for reporting hackable flaws in the company's software. "If I hear there's end-to-end encryption for both groups and two-party communications, that means adding of new members should be protected against".

In a statement to IANS on Thursday, a WhatsApp spokesperson said: "We've looked at this issue carefully". WhatsApp is also testing a new "Quick Switch" feature to let users shift from voice call to video.

We completed the implementation of end-to-end encryption in 2016 for all messaging and calling on WhatsApp so that no one, not even us, has access to the content of your conversations.

"At present, WhatsApp is developing this feature for iOS and it will be available soon for all users, instead for Android it is already enabled by default in the newest WhatsApp Google Play beta for Android 2.18.12", the report confirmed.

"The WhatsApp server can therefore use the fact that it can stealthily reorder and drop messages in the group", the paper states. But there is no [sic] a secret way into WhatsApp groups chats'.



Other News

Trending Now

LG Electronics to showcase the world's biggest 'rollable' TV at CES 2018
CES is the first platform of choice for companies around the globe to showcase their upcoming products and future technologies. The company's most impressive reveal at the show is a record-breaking 88-inch OLED TV featuring glorious 8K resolution.

North Korea hits own city with Hwasong-12 missile
The rocket reportedly crashed into the city of Tokchon and seriously damaged industrial or agricultural buildings. North Korea launched its first ICBM back in July and the U.S. did nothing but impose more sanctions.

Snow possible on Thursday; today's high, 54
The strongest winds will be found from west central to south central Minnesota where winds could gust to 40 miles per hour . Forecast changes are likely in the days ahead as we draw nearer to the event, so check back with weather.com for updates.

Google could turn the next Pixel's touchscreen into a speaker
Google ( GOOG , GOOGL ) acquired a United Kingdom speaker tech startup late past year for undisclosed terms. Google has declined to comment on the acquisition, including how much might have been paid for Redux.

Jacob Eason expected to transfer to Washington
Meanwhile, Washington is set to have an opening under center in 2019 after Jake Browning plays his senior campaign next fall. This allowed true freshman Jake Fromm to take the reins, and he wound up leading the Dawgs to the national championship.

Jeff Bezos Is Now Richest Person In History
With a net worth of around US$104.8 billion dollars, according to Fortune , Bezos passed Microsoft's Bill Gates' previous record. Bezos also owns Blue Origin , a travel business that intends to take tourists to explore space and the Washington Post newspaper.

Oakland Raiders sign Jon Gruden as their next head coach
It has not been a secret as everyone knew Jon Gruden was going to be back with the Silver and Black next season. It's been widely reported that Jon Gruden will be the next head coach of the Oakland Raiders .

Dropbox files confidentially for IPO
There has been no official confirmation about this just yet, either from Dropbox or Goldman Sachs and JPMorgan for that matter. Taking on the risk of lending to a private company can typically help a firm's chances in underwriting an eventual IPO.

Trump Calls For DACA Fix, Still Wants Wall
The wall now represents a complicated political question for Republicans and Democrats. Congress must pass spending legislation by January 19 to prevent a federal shutdown.

Khloé Kardashian reveals secret to hiding her baby bump for so long
But it makes sense because she also told Ellen , "I'm gonna try to not wear maternity clothes as long as possible". Khloé Kardashian may be six months pregnant but she isn't too anxious about marrying boyfriend Tristan Thompson .