Backdoor in WhatsApp's end-to-end encryption leaves messages open to interception

  • 13 January 2017

13th January 2017 By Mark Wilson
 
 
Facebook has long claimed that its WhatsApp messaging service is completely secure and messages cannot be intercepted thanks to its use of end-to-end encryption. But researchers have unearthed a serious security flaw that makes it possible to read encrypted messages.
 
Based on Open Whisper Systems' Signal Protocol, the unique security keys used to implement end-to-end encryption should keep messages secure. But WhatsApp can force offline users to generate new keys and this could allow Facebook -- and third parties -- to read messages.

The problem is a serious one, as WhatsApp's supposed security has earned it a good deal of respect, and it is a communication tool that those who wish to remain anonymous have come to rely upon. Tobias Boelter, a security researcher at the University of California, discovered the security problem. He says: "If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys".
 

4 replies

By Tom Spring January 13, 2017
 
In a short statement, WhatsApp said the claim was false:
 
“WhatsApp does not give governments a ‘backdoor’ into its systems and would fight any government request to create a backdoor. The design decision referenced in The Guardian story prevents millions of messages from being lost, and WhatsApp offers people security notifications to alert them to potential security risks. WhatsApp published a technical white paper on its encryption design, and has been transparent about the government requests it receives, publishing data about those requests in the Facebook Government Requests Report.”
 
 
 
Well, all I can say to this one is that I hope that this is true and not just some sort of obfuscation born out of embarrassment at the situation, as such an approach serves neither company nor user well.

The man who found the app’s ‘backdoor’ posted two videos

 
 
Jan 17, 2017 18:08 GMT  ·  By Alexandra Vaidos

Last week, there was talk about a supposed vulnerability in WhatsApp, one that could potentially compromise messages sent through the platform. Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley, discovered the “backdoor”.
 
He found that Facebook and WhatsApp could potentially intercept and read encrypted messages sent within the app. The vulnerability could compromise information sent through the network, despite the fact that WhatsApp uses end-to-end encryption. The cryptographer recently gave an interview to The Guardian explaining the issue.
 
22 January 2017,  By Chris Loterina
 
The Guardian found itself in hot water after publishing a purportedly explosive story, claiming that WhatsApp has a backdoor that can compromise the security of its users. A group of security experts has already branded the story false, going as far as calling for its retraction.
 

WhatsApp's Expected Behavior Controversy

 
In a Jan. 13 piece, The Guardian's Manisha Ganguly wrote that research conducted by privacy campaigners revealed that a feature in WhatsApp has a security vulnerability that could enable Facebook or the government to intercept and read encrypted messages.
 
The report has been dubbed as a bombshell because WhatsApp has been considered one of the gold standards for secure instant messaging due to its end-to-end encryption feature. Ganguly dutifully pointed this out to underscore the purported exploit to the app's Signal protocol.
 