Thursday, March 28, 2024
Advertisement
  1. You Are At:
  2. News
  3. Business
  4. Your WhatsApp messages can be read by Facebook: Report

Your WhatsApp messages can be read by Facebook: Report

The WhatsApp messages could be read without its billion-plus users knowing about it.

India TV Tech Desk India TV Tech Desk New Delhi Published on: January 14, 2017 14:07 IST
WhatsApp
Your WhatsApp messages can be read by Facebook: Report

The WhatsApp messages could be read without its billion-plus users knowing about it. 

According to a report in The Guardian, the Facebook-owned mobile messaging service WhatsApp is vulnerable to interception due to a security backdoor in the way the company  has implemented its end-to-end encryption protocol.  

WhatsApp system relies on unique security keys that are traded and verified between users to guarantee communications are secure and cannot be intercepted by a middleman.

However, the report points out that WhatsApp can force the generation of new encryption keys for offline users "unbeknown to the sender and recipient of the messages."

"If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys, " Tobias Boelter, a cryptography researcher at the University of California was quoted as saying by The Guardian.  

Boelter claimed that he had reported the backdoor vulnerability to Facebook in April 2016 and was told that Facebook was already aware of the issue but that it was not actively being worked on.    


 

In a statement, the Facebook said that there was a way of notifying users when a contact's security code had changed. 

            

"We know the most common reasons this happens are because someone has switched phones or reinstalled WhatsApp.... In these situations, we want to make sure people's messages are delivered, not lost in transit," the statement said.  

However, The Guardian claimed that it had verified that the security backdoor still exists. 

 

“ WhatsApp can effectively continue flipping the security keys when devices are offline and re-sending the message, without letting users know of the change till after it has been made, providing an extremely insecure platform," The Guardian quoted Steffen Tor Jensen, head of information security and digital counter-surveillance at the European-Bahraini Organisation for Human Rights, as saying.                       

Advertisement

Read all the Breaking News Live on indiatvnews.com and Get Latest English News & Updates from Business

Advertisement
Advertisement
Advertisement
Advertisement