Whatsapp messages, that the company had claimed to be so secure that even staff couldn’t intercept it, aren’t secure, reported Guardian Newspaper today.
Paper said that there’s a loophole in Whatsapp that could allow Facebook and others to intercept and read your Whatsapp messages.
Citing a new research, the paper said that Facebook or others could read Whatsapp messages due to the way it has implemented its end-to-end encryption.
Paper said that these new finding mean a “huge threat to freedom of speech” and that this vulnerability could be used by government agencies as a backdoor to keep an eye on users who believe their Whatsapp messages to be secure.
Whatsapp has always boosted its security as a top selling point and was used by majority of activists, diplomats and other privacy-concerned users while considering it as a safe and secure platform.
Here’s What Can Trigger the Interception:
Whatapp’s end-to-end encryption relies on unique security keys that are generated in real time. These security keys are generated through famous “Signal protocol”, developed by Open Whisper Systems.
Whatsapp messages, when communicated, are encrypted while using these security keys to make sure that such communication isn’t intercepted while its travelling on the network.
However, according to this new research, WhatsApp can force-generate new encryption keys for offline users.
This change in encryption keys makes the sender re-encrypt messages with new keys and send some messages again that were not marked as delivered.
The recipient is not made aware of this change in encryption, while the sender is only notified if they have opted-in to encryption warnings in settings, and only after the messages have been re-sent.
This re-encryption and rebroadcasting effectively allows WhatsApp to intercept and read users’ messages.
This essentially means that Whatsapp has a control over encryption keys, and if its forced by government or in-house policies, it could read user messages or even worse let anyone read them.
WhatsApp, in response to the report, said that it does not give governments a ‘backdoor’ into its systems and would fight any government request to create a backdoor.
Encryption aur security bs aik drama hain. Nothing is truly secure on the web.
100℅ right!
World Biggest Truth “Nothing is truly secure on the web.”
It’s better to say:
Also wrong. For a good example, see google’s website. Til date billions of visits every year and no one’s hacked it.
Boss Yahoo ko Bhi Kai Bar Hack Kiya Gaya wikileaks julian assange” had hacked many websites but never knows people k kab hack howi, hacker will do it any things. Ye WhatsApp Bhi Kuch Nahi, Yaha Bus Numbers ka Data milyga Koi Storage nahi data rakhny ki is liye ab tak hack nahi howa
I don’t know where you get your false news from.
1. Wikileaks never hacks anyone or anything. They accept data that is either leaked by someone internal or hacked.
2. Same with Julian Assange.
3. As Moxie has already spoken, the news item about WhatsApp is heavily sensationalised. It is not broken at all like news sites are claiming.
How would Moxie know? Because he wrote the damn protocol in use by Signal messenger and WhatsApp encryption. Plus the source code and specification for the protocols have been made public and many many EXPERIENCED people have gone through it and not found problems.
konsi duniya me rehrahey ho,google ke pure headquater hack hochuke hen..
You’re wrong. You can’t even provide a single verifyed link with news or even apology from Google for that.
Kia Mars say aye hau? Humay sub ko pagal samaghte hau yaha Kia computer ke doctor hau tum?
Answers in order of questions: 1. No. 2. Yes.
Wrong. Decrypt this:
—–BEGIN PGP MESSAGE—–
Version: GnuPG v2.0
jA0EAwMC1eTYpYEBNubPyUZoo2/wGEl3C/ba89SbMIOIHarX7+cSkncNQAHnEes3
VwaLE7i1iBLqCVSi/wonDAuRJHJRz+4EMWb7Qf4Am0dnCmvJlmkY
=YxQR
—–END PGP MESSAGE—–
you do know that decrypting this message is possible .. i would only need a slightly powerful computer ( i have a shitty computer )
Unless you have a quantum computer somewhere, all your computers will fail to decrypt it.
gpg -a –symmetric –cipher-algo AES256 the-challenge.txt
Is this new it was all drama to satisfy people.
Ok! It means Facebook bought Whatsapp for 19 billion dollars thanks to its beautiful logo! LOL!
Durust farmaya! :-)
encryption ap ke mobile pe nae hoti balke encryption whatsapp server se tab hoti he jab ap ke mobile ki whatsapp app server ke sath sync ho, jab encryption server pe hosakti he to decryption bhi karskate hen whatsapp wale, logo ko bewakoof bana rahe hen ye.
This has been debunked. It’s your responsibility to inform your readers of that
Well, that is propakistani for you. I wouldn’t hold my breath waiting for them to update the post or make a new one with Moxie’s post.
Not by anyone but WhatsApp itself.