Daily Trends Now
Daily Trends Now


A WhatsApp security flaw let researchers snoop on group chat messages

A WhatsApp security flaw let researchers snoop on group chat messages

A team of cryptographers recently found a flaw in WhatsApp's group chats even after WhatsApp added the end to end encryption to the chats.

They found that anyone with control over WhatsApp's servers can add people to private group chats, including staff, hackers and governments who legally demand access.

'The confidentiality of the group is broken as soon as the uninvited member can obtain all the new messages and read them, ' study coauthor Paul Rösler, told Wired.

Encryption has always been one of the more hard elements of group chat; the best protection in the world can not stop unintended readers from seeing messages once they've been decoded.

"Existing members are notified when new people are added to a WhatsApp group", the platform said. The server then checks that the user is authorized to administer that group, and (if so), it sends a message to every member of the group indicating that they should add that user. Since the group ID is a random 128-bit number (and is never revealed to non-group-members or even the server) that pretty much blocks the attack.

In their paper, the researchers compared WhatsApp's security practices with those of Signal and Threema, and they ultimately concluded that WhatsApp is the least secure of the three when it comes to group messages.




Facebook's Chief Security Officer Alex Stamos responded to the report on Twitter, saying, "Read the Wired article today about WhatsApp - scary headline!"

WhatsApp said it had "carefully looked" at the flaw and reassured users that their encrypted messages were safe.

However, researchers from Germany discovered that WhatsApp's end-to-end encryption might be useless because it does not protect from unauthorized access via company's servers.

WhatsApp rolled out the mentions feature for its users back in 2016 in an attempt to improve the overall experience of the users. Remeber the end-to-end encryption that WhatsApp uses for sending messages between users? And, if you scroll through the unread messages in the WhatsApp group manually, then the button will vanish automatically. "If I hear there's end-to-end encryption for both groups and two-party communications, that means adding of new members should be protected against". The concern raised here is that in groups with multiple administrators, the user can send out messages to multiple admins, fooling them about who invited the user.

Managing a WhatsApp group is going to be easier now.

follow

editors' picks

January 12, 2018
Google Assistant for DISH
We got to see a lot of new laptops, monitors, gadgets, speakers, smart home devices, and much, much more this year at the event . Drumming it up even more , Google and its OEM partners announced touch screen speakers to rival the Amazon Echo Show .

January 11, 2018
Issa will not seek re-election after serving ninth term
In 2016, the district's voters preferred Clinton by 8 points over Republican Donald Trump . Still, there is agreement that Issa faced a tough reelection fight in the fall.

January 09, 2018
Francis Lawrence's Red Sparrow Starring Jennifer Lawrence Gets New Trailer and Poster
The film also stars Joel Edgerton , Matthias Schoenaerts, Mary-Louise Parker, Ciaran Hinds, Charlotte Rampling and Jeremy Irons . After completing the training process she becomes the most risky Sparrow the program has ever created.

January 09, 2018
NFL Investigating Panthers' Use of Concussion Protocol for Cam Newton vs. Saints
Medical personnel attended to him as he sat on the field, then took him to the medical tent on the sideline for evaluation. Newton ran headlong into New Orleans defensive tackle David Onyemata in the fourth quarter and was bowled over backward.

January 09, 2018
India's Supreme Court will reconsider the nation's ban on gay sex
Section 377 has undergone many twists and turns ever since the Delhi High Court decriminalised it in 2009. The court said, "The determination of the order of nature is not a constant phenomenon".

January 08, 2018
Attorney General Jeff Sessions to rescind marijuana policy
The move raised questions about how it might impact tax revenues in states that permit some form of legal marijuana use. Right now 12 are poised to consider new laws in 2018. "What Jeff Sessions wants to do is roll back all of that".

January 07, 2018
IED Returns To Kashmir, Blast In Sopore Kills 4 Cops
Last week, four Indian soldiers were killed in an attack by armed attackers who stormed a paramilitary camp outside Srinagar . Sopore town was shut today in remembrance of over 50 civilians killed in alleged security forces firing on this day in 1993.

January 06, 2018
Salah wins CAF African Footballer of the Year ahead of Mane, Aubameyang
On his move from AS Roma, the Egyptian stated, "I have had two fantastic season with Roma and I was very happy over there".

January 05, 2018
Hot air balloon crash in Egypt kills 1, injures 19 tourists
The crash happened in Luxor, a popular tourist destination on the banks of the Nile River in southern Egypt. Since then, balloon rides are monitored by cameras and banned from flying above 2,000 meters.

January 05, 2018
With Latest Android And Immersive Entertainment, Nokia 6 Launched Today
Fortunately, this phone is not shrouded in mystery, so we do not have to wait until tomorrow to know about its specs and design. The most immediately noticeable aspect of the Nokia 6 (2018 ) is the relocation of its fingerprint sensor to the back.