April 22, 2018

WhatsApp Security Open To Snoops

14 January 2018, 12:15 | Yvette Williams

WhatsApp messages are heavily encrypted but German researchers have found a vulnerability in group chatsReuters

WhatsApp messages are heavily encrypted but German researchers have found a vulnerability in group chats

Cryptographers from Ruhr University Bochum in Germany said that once a new member was added to a group the phone number of each member of the group automatically shares secret keys with that person, giving them full access to all future messages.

A bug in WhatsApp means it's possible to sneak into private chats without any admin permissions, despite the Facebook-owned company's best efforts with encryption.

Now, a group of German cryptographers from Ruhr University shared its findings during the Real World Crypto security conference, which was held in Switzerland.

A security flaw in the encrypted mobile messaging service WhatsApp could enable hackers to spy on private group chats, researchers warn.

According to WABetaInfo, a fan site that tests new WhatsApp features early, the new option, present in the Group Info section as "Dismiss as admin", allows an administrator to dismiss another one without removing him or her from the group. "Thereby it can cache sent messages to the group, read their content first and decide in which order they are delivered to the members", the research states. "On WhatsApp, existing members of a group are notified when new people are added", said Stamos. WhatsApp is a widely used messenger and is available in more than 60 different languages which include 10 Indian languages.

Celine Dion will perform in Singapore in July
She sat on the throne of power ballads, with hits like The Power of Love, Because You Loved Me and Where Does My Heart Beat Now . I am thrilled to announce I'll be touring the Asia-Pacific region this summer and I can't wait to perform for you...

An attacker would have to take control of WhatsApp servers which means a sophisticated hacker, a WhatsApp staffer or a government with legal authority could gain access, even though end-to-end encryption is supposed to protect users from even these sorts of attacks.

A security researcher at Signal, which licenses its rules of conduct to WhatsApp, said that the current design of he app is fair and that the report only sends a message to other people not to "build security into your products, because that makes you a target for researchers, even if you make the right decisions".

The flaw - detailed in a paper - shows how it is possible to add a participant into a conversation without the permission of the person in control of the group.

Furthermore, Alex Stamos, the chief security officer for Facebook, posted his opinion on Twitter regarding the supposed threat. Clients of a group retrieve membership from the server, and clients encrypt all messages they send e2e to all group members. "And if not, the value of encryption is very little", researcher Paul Rösler was quoted saying in the report. "I think it would be better if the server didn't have metadata visibility into group membership, but that's a largely unsolved problem, and it's unrelated to confidentiality of group messages", he added. We built WhatsApp so group messages can not be sent to a hidden user. But there is no [sic] a secret way into WhatsApp groups chats'.

Other News

Trending Now

UGA QB Eason likely transferring to UW
Eason has yet to make a transfer destination known at this time. "Thank you UGA for an incredible two years", Eason wrote. According to Adam Jude of the Seattle Times , Eason is expected to transfer to the University of Washington .

Jewels worth millions stolen in Paris armed robbery
The gems, taken by a gang of at least five men, were worth an estimated €4.5m (£4m). French media said the three were seasoned criminals, well known to police.

Margot Robbie's husband accidentally wore short shorts in front of… Barack Obama
Chris and Margot soon got stuck into the competition, offering their best Crocodile Dundee impressions, for which they tied. In the end, despite losing a point for not giving his Byron Bay address out on television, Chris won the trivia battle.

Kendrick Lamar & Vince Staples Featured in 'Black Panther' Trailer
The film also stars Lupita Nyong'o , Angela Bassett , Martin Freeman, Forest Whitaker and Dani Gurira among others. If you aren't excited about Black Panther , you must have had the sound off during all of the previous trailers .

Walmart to raise starting wages, give $1000 bonuses
The national unemployment rate at a 17-year low, making it increasingly hard to for companies to attract - and keep - workers. With the new plan, full-time hourly employees will receive 10 weeks of paid maternity leave and six weeks of paternal leave.

Kim Kardashian flaunts grill for first time since robbery
An insider previously revealed: 'The surrogate's comfort and safety is incredibly important to [Kim and Kanye]'. The couple are expecting the baby via a surrogate and it's thought that the little girl could arrive "any day".

SpaceX-launched satellite isn't seen in orbit, Pentagon says
Since the last Space Shuttle flight in 2011, NASA has relied upon the Russian space agency to carry US astronauts to the ISS. Additionally, a SpaceX rocket carrying supply missions to the International Space Station for NASA exploded in 2015.

Marvel Reportedly Developing Standalone 'Black Widow' Movie
Schaeffer is known for her Black List script The Shower , which is a comedy about an alien invasion during a baby shower. While the movie is unconfirmed and unannounced, Variety reports that Marvel has found a writer for it: Jac Schaeffer .

Here's What Trump's DACA 'Bill Of Love' Could Look Like
Lou Barletta praised Trump's initial decision to rescind the DACA protections set forth by the Obama administration. It would not offer the young illegal immigrants a pathway to citizenship. "And we need to have this conversation".

Russia Accuses US of Supporting Syrian Drone Attack on Their Syria Bases
Syrian air defences intercepted one rocket, but several more hit "near a military position, causing material damage", it added. They clashed with Tahrir al-Sham fighters around the airport, the Britain-based war monitoring group said.