Technology

WhatsApp Backdoor Allows for Intercepting of Encrypted Messages

WhatsApp Backdoor Allows for Intercepting of Encrypted Messages

Tobias Boelter, a cryptography researcher at the University of California in Berkeley, on Friday confirmed a report by "The Guardian" concerning a security flaw in the Facebook-owned WhatsApp messaging application. The company has streamlined the messaging process, he said, so that users don't automatically receive notifications every time a key changes, unlike another private messaging app called Signal. They are only notified if they opt in to encryption warnings in settings, and will only be made aware after the messages have been re-sent with new keys that the encryption has changed. WhatsApp rolled out end-to-end encryption for its service in late 2014 through a partnership with Open Whisper Systems.

However, it seems that a backdoor allows WhatsApp messages to be disclosed. The design decision referenced in the Guardian story prevents millions of messages from being lost, and WhatsApp offers people security notifications to alert them to potential security risks.

Alarmingly Boelter raised this issue with Facebook in April 2016, but the internet giant told him that it was "expected behaviour" and not being actively worked on. The vulnerability would allow Facebook to read messages sent through the supposedly-secure system, as well as making it possible for the company to comply with court orders to make messages available to government bodies. Not only could this be seen by many as supporting on-going government data collection interventions, it means their talk of encryption and privacy has been nothing more than lip service. In the case of Signal when a recipient changes the security key while offline the sent message will not be delivered and the sender will be notified about the change in the security key unlike WhatsApp wherein the message is sent before notifying the user.

The security researcher has detailed the backdoor in a post on his personal blog and also presented the flaw at an encryption conference held earlier in December.

Following NATO exercise, United States forces start deploying in Poland for 1st time
The headquarters will be located in Germany. "This is precisely the way we see it", he said, Russia's TASS news agency reports . Poland has also received armored tanks , trucks and other military equipment that have come in by both rail and air.

While WhatsApp told users last April that it had implemented end-to-end encryption for all messages sent through its platform, it now looks as though it neglected to mention a caveat - Facebook can intercept your messages. You should ask your friend in person or through a different channel to confirm that they changed devices if you're anxious about security.

End-to-end encryption works by creating a unique pair of security keys for messages to verify and protect communication between users. In certain circumstances, a third-party could exploit the bug to persuade the app to resend messages because the authenticity of re-issued keys is not verified in WhatsApp by default.

It should be noted that the Signal protocol, operated by Open Whisper Systems, does not share this same vulnerability.

"In many parts of the world, people frequently change devices and Sim cards", the company said. In a tweet in November 2015, Snowden said he used Signal "every day". "In these situations, we want to make sure people's messages are delivered, not lost in transit". Tap account and select security, then choose to enable security notifications by selecting the "show security notifications" option.


  • Amazon Announces Credit Card For Prime Members

    Amazon Announces Credit Card For Prime Members

    Other store-branded credit cards offer cash back like Target's REDcard, where points are rewarded only on purchases at that store. Prime members will receive these new benefits using their existing card until their new card arrives, the companies said.
    Google, Facebook Face Tighter EU Grip With New Privacy Law

    Google, Facebook Face Tighter EU Grip With New Privacy Law

    That is a concern worldwide, including in the United States where many users are taking steps to ensure their privacy. Additionally, it aims to set a strategic approach to issues concerning the worldwide transfer of personal data .
    The Coen Brothers Are Making Their Official Foray Into TV

    The Coen Brothers Are Making Their Official Foray Into TV

    Fellow Jewish auteur Woody Allen released his first TV series on Amazon Studios to a tepid reception last fall. In addition to writing and directing, they'll also produce through their Mike Zoss Productions label.
  • DOJ blasts Chicago police for constitutional violations in the use of force

    DOJ blasts Chicago police for constitutional violations in the use of force

    Chicago Mayor Rahm Emanuel pushed through reforms since the investigation began, including overhauling a police oversight body. Johnson also will be in attendance, as will the head of the Justice Department's Civil Rights Division and U.S.

    Death Toll in Sinai Police Checkpoint Attack Rises to Nine

    In November past year , Daesh claimed responsibility for an attack on a security checkpoint that killed 15 soldiers. A similar attack on a security checkpoint in northern Sinai last November claimed the lives of eight soldiers.
    Sheila Jackson Lee Is Still Questioning the Validity of Trump's Win

    Sheila Jackson Lee Is Still Questioning the Validity of Trump's Win

    Not surprisingly, several protesters were ejected from the public gallery as the vote count concluded. Sheila Jackson Lee of Texas challenged the electoral vote certification on Friday.
  • Yahoo renamed as Altaba Inc, but there's a catch

    Yahoo renamed as Altaba Inc, but there's a catch

    However, the closing of the roughly $4.8 billion sale to Verizon can become a huge problem after two huge hacks faced by Yahoo . The new company also named Eric Brandt as the Chairman of the board with effect from January 9.

    Trump to continue creating volatility for Mexico

    Companies ranging from General Motors Co to Honda Motor Co to Daimler AG used the show to highlight new USA investments. Ford said he is encouraged that overhauling the corporate tax code is high on Trump's agenda.

    Snapchat Has Been Faking Growth Numbers, Ex-Employee Alleges

    It allegedly only made the move to hire Pompliano when it realized that a lack of key performance indicators could impact its IPO. The redacted portions include one 7½-page section that is entirely blacked out and a 4-page appendix that is blank.
  • Morocco 'prohibits the trade and production of the burka'

    Morocco 'prohibits the trade and production of the burka'

    Nouzha Skalli, the previous family and social development minister, appreciated the ban as "an important step in the fight against religious extremism".
    'Dozens' Trapped On Roller Coaster At Movie World On Gold Coast

    'Dozens' Trapped On Roller Coaster At Movie World On Gold Coast

    Queensland Ambulance Service official Paul Young said none of the trapped passengers at Movie World needed medical treatment. Out of those people, four people were rescued using a ladder platform, while the rest of them were easily rescued.

    La La Land lands 11 BAFTA nominations

    A full list of nominations and submitted them films can be found on the official website of the award. The contenders for the prestigious British Film and Television awards ( BAFTA ) have been announced.