Your IT Consultant

Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.

WhatsApp Vulnerability Discovered

January 16, 2017

Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley, discovered a vulnerability in WhatsApp that could allow Facebook (the owner of WhatsApp) and others to intercept and decrypt messages. Normally, it's called a "backdoor" when a company can decrypt users' messages without their permission, but WhatsApp calls it a feature. A WhatsApp spokesman was quoted in TechCrunch stating: "WhatsApp does not give governments a 'backdoor' into its systems and would fight any government request to create a backdoor. The design decision referenced in the Guardian story prevents millions of messages from being lost, and WhatsApp offers people security notifications to alert them to potential security risks. WhatsApp published a technical white paper on its encryption design, and has been transparent about the government requests it receives, publishing data about those requests in the Facebook Government Requests Report."

The issue is summarized by Graham Cluley as: "…WhatsApp automatically generates new security keys when a user goes offline, which means it re-encrypts a message that's not been delivered using those new keys and sends it again. Doing so technically empowers WhatsApp, Facebook (its owner), and others to intercept and read the message." In contrast, Signal warns the user that keys have changed and does not automatically send the data again. The user must approve the retransmission. The way WhatsApp handles its message transmissions still smells like a backdoor to me. Another reason I don't have a Facebook account.
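The two retransmission behaviors described above, side by side in a simplified Python model. This is an added example, not WhatsApp's or Signal's code; the `Sender` class, the policy names, the sample keys and the `seal` stand-in for encryption are all hypothetical.

```python
import hashlib
from dataclasses import dataclass, field

def fingerprint(identity_key: bytes) -> str:
    """Short identifier for a recipient's public identity key."""
    return hashlib.sha256(identity_key).hexdigest()[:16]

def seal(identity_key: bytes, text: str) -> dict:
    # Toy stand-in for encryption: only the holder of `identity_key` can read `body`.
    return {"readable_by": fingerprint(identity_key), "body": text}

@dataclass
class Sender:
    policy: str                                   # "auto_resend" or "block"
    trusted: dict = field(default_factory=dict)   # contact -> trusted fingerprint
    pending: dict = field(default_factory=dict)   # contact -> undelivered texts
    notices: list = field(default_factory=list)   # what the user is shown

    def send_while_offline(self, contact: str, key: bytes, text: str) -> None:
        """Recipient is offline, so the message stays queued as undelivered."""
        self.trusted.setdefault(contact, fingerprint(key))
        self.pending.setdefault(contact, []).append(text)

    def on_key_change(self, contact: str, new_key: bytes) -> list:
        """Server reports a new key for `contact`; return what is transmitted."""
        self.notices.append(f"security code changed for {contact}")
        if self.policy == "block":
            return []                             # hold until the user approves
        return self._release(contact, new_key)    # re-encrypt and resend unasked

    def approve(self, contact: str, new_key: bytes) -> list:
        """User has checked the new key and approves the retransmission."""
        return self._release(contact, new_key)

    def _release(self, contact: str, new_key: bytes) -> list:
        self.trusted[contact] = fingerprint(new_key)
        return [seal(new_key, t) for t in self.pending.pop(contact, [])]

def demo(policy: str) -> tuple:
    old_key, new_key = b"constructed-key-A", b"constructed-key-B"  # sample values
    sender = Sender(policy)
    sender.send_while_offline("bob", old_key, "meet at noon")
    sent_unasked = sender.on_key_change("bob", new_key)
    sent_after_approval = sender.approve("bob", new_key)
    return sent_unasked, sent_after_approval, sender.notices
```

With `auto_resend`, the queued message goes out under whatever key the server announces before the user has any say; with `block`, nothing is sent until `approve` is called.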

Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
http://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
http://www.senseient.com