0 Shares 1630 Views

Bug in WhatsApp – Security Way out

Kamran Khatti Jan 14, 2017
0 1631

Be Careful! According to a report by The Guardian, WhatsApp contains a bug that allows Facebook and others to intercept and read encrypted messages.
The Guardian claimed that the huge threat is a backdoor to be used by the Government and other security agencies to trap the secure communication of the people.

However, Facebook claimed that the WhatsApp messages are unable to be intercepted and read by any one even the staff of the company cannot seize it. But the new research has denied this protocol security as the way of the end-to-end encryption depends upon the generation of the security keys that enables the company to read the messages.
Ensuring the privacy system to more than billion of the users the company reacted to the new research in such a way that it denied the claims and called them the false stories. It said that the bug was not placed intentionally, WhatsApp did not wanted to provide any backdoor to the government or any agency.

Thanks to Tobias Boelter who unveiled this bug. Tobias Boelter is a researcher of cryptography and security at the University of California. Talking to the Guardians about bug in WhatsApp he said “If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys.” He also told that the urbane handling of this system would let assailants to read and intercept WhatsApp messages.

While ZDNet’s security editor said that the big bug might be emerged because of the bad coding or a favor to good user experience.

However, WhatsApp has the capability to automatically resend an undelivered message with a new key without cautioning the user to prevent it.

WhatsApp said that the reissuing of the keys has been implemented to avoid the loss of millions of messages by conserving them.

This vulnerability has put a question mark on the privacy of messages sent across the service. WhatsApp has been used by billions of peoples but the mark on its end-to-end encryption has made its security claims suspicious.

Most from this category