Privacy: WhatsApp's group messages might not be as secure as you think

Share

A flaw in WhatsApp's group messaging protocol means that, despite its vaunted end-to-end (E2E) encryption, messages can still be read by unwanted eyes, researchers from Germany's Ruhr University Bochum have found.

A group of German security researchers has concluded that WhatsApp group chats might not be so secure and can easily be infiltrated without permission of the group admin. Entering the group, however, leaves traces, since this operation is listed in the graphical user interface. They will have to use the "Message Admin" button to post a message or share media to the group. The server then checks that the user is authorized to administer that group, and (if so), it sends a message to every member of the group indicating that they should add that user.

"Additionally the WhatsApp server can forward these messages to the members individually such that a subtly chosen combination of messages can help it to cover the traces". WhatsApp, however, has turned down the claim.

H&M stores trashed in South Africa over 'coolest monkey' hoodie
Some Twitter users had alleged that the EFF had already caused chaos at the Kolonnade Mall. Ndebele said "normal trading" had resumed in the mall.

Responding to the report, WhatsApp said, "We've looked at this issue carefully". The report also said that there is no authentication mechanism for the invitation that its own server can add to the group.

"At present, WhatsApp is developing this feature for iOS and it will be available soon for all users, instead for Android it is already enabled by default in the newest WhatsApp Google Play beta for Android 2.18.12", the report confirmed.

WhatsApp has launched a feature in its beta version that will let users switch to video calls from voice calls at the touch of a button. "It's why we collect very little information and all messages sent on WhatsApp are end-to-end encrypted", the spokesperson added. "Read the Wired article today about WhatsApp - scary headline!" They say that they plan on revealing similar flaws in apps such as Signal and Threema.

Jio Vs Airtel Vs Vodafone
Talking about the benefits of the Jio 4G 149 plan, the plan offers unlimited calls including all local, STD and roaming calls. Airtel on Monday had revised its plans to offer validity of 82 days with the Rs. 448 plan, up from 70 days.

Stamos argued against the report, stating that there are many ways to check and validate the people on a group chat. But attackers that can control of a Threema server can replay messages or add a previously removed user back into a group, the researchers found.

According to WABetaInfo, a site that tracks changes and upcoming features in WhatsApp, the Facebook-owned messaging app is now testing a new feature called "Mentions Notification" which notifies users whenever they are mentioned in a group chat and allows them to skip all the unwanted messages and view only the messages where they've been mentioned. This would be possible without the need for the group administrator's permission, the researchers said.

Gillian Anderson Confirms She's Exiting Fox's 'The X-Files,' Starz's 'American Gods'
Anderson - who plays co-lead Dana Scully - confirmed late past year that the 11th outing would be her "last". Her co-star, David "Fox Mulder" Duchovny, posted a sweet message on Twitter .

Share