You thought that end-to-end encryption that you didn’t really understand was there to protect you, hey?
Think again, my china.
While group chats have become an effective way to communicate with any number of people at once, they might not be as private as you would have liked.
This is according to a German security company that discovered a huge WhatsApp design flaw that “allows anyone to infiltrate private group chats,” reports Daily Mail.
In other words, hackers can add people into WhatsApp groups without the permission of the chat’s admin.
And Facebook’s response? Well, the owners of the communication app said it won’t fix the problem and that “group chats ‘remain protected’ by the app’s encryption”:
Facebook’s Chief Security Officer Alex Stamos wrote on Twitter that the bug is not effective because WhatsApp users are notified when new members join conversations.
He argued that “since all members of a group chat can see who joins a chat, they’ll be notified of any eavesdroppers”.
I would disagree.
The findings were presented as a part of a study at the Real World Crypto security conference in Zurich, Switzerland, by a group of researchers from Ruhr University Bochum in Germany:
They found that anyone with control over WhatsApp’s servers can add people to private group chats, including staff, hackers and governments who legally demand access.
Once a person has infiltrated a conversation, everyone in the chat automatically shares secret keys with that user.
This means they have access to all future messages, but cannot view past ones.
As it stands, WhatsApp servers can only be accessed by its employees and governments who follow the legal route to gain access through court orders. But if hackers get into the servers? Surely chaos will follow.
My advice? Throw away your phone.
[source:dailymail]
Hey Guys - thought I’d just give a quick reach-around and say a big thank you to our rea...
[imagesource:CapeRacing] For a unique breakfast experience combining the thrill of hors...
[imagesource:howler] If you're still stumped about what to do to ring in the new year -...
[imagesource:maxandeli/facebook] It's not just in corporate that staff parties get a li...
[imagesource:here] Imagine being born with the weight of your parents’ version of per...