ZURICH, Switzerland –The social media app famously known as WhatsApp has been known for its privacy features, wherein exchanges of conversations in the app are encrypted. However, just recently, there have been a group of German cryptographers that have managed to find a way to intrude the conversations on the app despite its encryption feature.
During the Real World Crypto security conference that was held in Switzerland recently, it was announced that researchers found a loophole and a variety of flaws WhatsApp’s security.
It was discovered that anyone who gets control over the server of the app could add a new member to the encrypted conversation without the permission of its administrator.
Thus, although the new member could no longer access the past messages, he will have access to the future messages, despite having it described as encrypted. It will look as though the new member has the permission of the admin to join even though someone else gave him access to the conversation.
With regard to the discovery made by the cryptographers, it has been declared that the confidentiality of the conversation was already ruined. This is led by the uninvited member who gets to join the group conversation without getting permission from its administrator.
In line with this, it has been suggested by researchers that if privacy and encryption are the purpose of having the conversation in WhatsApp, it’s better to stick with private messaging instead.
WhatsApp is currently owned by the famous social media app of all, Facebook. With the discovery of this loophole in the encryption feature of the application, it is considered to be one of its biggest flaws in their security.
Even though no individual can easily access the server, a number of people still could, such as government staffs that may need access to the conversation legally. These tendencies could occur in moments of a series of investigations. Others who could also access the server are those who are best at hacking accounts.
The chief security officer of Facebook also reacted on the news that came about regarding the loophole on WhatsApp’s encryption feature. According to him, there isn’t a secret way to access the group conversations in the app. He protested to the report saying that even though a server could give an uninvited member to the group conversation, the members of that group will inevitably be notified. Thus, they can automatically put a stop to their conversation to prohibit the new member from accessing any information.
Another concern raised was the ability to redesign the app to address the given concern. However, according to their security officer, this would reduce the ability to use the instant messaging app as easy as it is now.
Since the loophole discovered is not very alarming, it is not yet necessary to make any drastic change to the features of the given app. It has been confirmed that the security and encryption design of WhatsApp is still reasonable.
Nevertheless, the latest news on its flaw serves as a warning to the users to avoid any private conversation in WhatsApp to hinder them from being targets of researchers and hackers.
