Whatsapp’s Private Group Chats Contain a Security Loophole

By Aitzaz Hassan | Published Jan 11, 2018 | 3:18 pm
Apps

New research shows that a WhatsApp group chat can be easily compromised by anyone who has access to WhatsApp servers.

WhatsApp’s end-to-end encryption might not be that secure after all. Yet another research has found loopholes in the messaging apps’ security protocols. Anyone who is in control of a WhatsApp server can easily add people to private group chats. The major development is surprising as WhatsApp has stated multiple times that security is the company’s main focus.

Research

The research group from Ruhr University Bochum conducted ran tests on multiple apps for any security flaws. These apps included Threema and Signal too, however, they passed the researchers’ test without any major security flaw.

WhatsApp, on the other hand, was found vulnerable as a major security flaw was found by the research group that could result in privacy breaches. The group’s paper on security flaw was later published as well. You can take a detailed look at it here.

One of the co-authors of the paper, Paul Rosler, also commented on WhatsApp’s lack of security saying;

The confidentiality of the group is broken as soon as the uninvited member can obtain all the new messages and read them.

Also Read

WhatsApp Security Flaw Let Hackers Take Control Of Any Account

Findings of Research

According to the research, anyone with access to the servers can add anyone to any private chat group. For example an employee at WhatsApp has access to multiple servers and can mess with any private encrypted group chats. Currently, the app only lets chat group admins add new members to a group.

WhatsApp says that though there isn’t any mechanism in place to authenticate the addition of someone to the group but there is a system to notify all members about it. Once a new person gets added to the chat, every member is notified about it. The person cannot read previous messages of chat as they are end-to-end encrypted. Still its no good news that a person other than admin can add someone to a chat.

WhatsApp really needs to do something about it to ensure complete security of the app. The research paper and its findings will be presented in Zurich at World Crypto Conference.

Via Engadget 

📢 For the latest Tech & Telecom news, videos and analysis join ProPakistani's WhatsApp Group now!

Follow ProPakistani on Google News & scroll through your favourite content faster!

Aitzaz Hassan

Writer

lens

Spotify Launches ‘Your K-Pop Persona’ to Celebrate the K-Pop Fandom
Read more in lens

perspective

A Love Letter to Pakistan: A Foreign CEO Reflects on 5 Years
Read more in perspective
Get Alerts

Follow ProPakistani to get latest news and updates.

Follow Us

ProPakistani Community

Join the groups below to get latest news and updates.

Tech & Telecom
Business
Auto
General & Pakistan
Sports
Entertainment
WhatsApp Channel
>