Flutterby™! : WhatsApp vulnerability

Next unread comment / Catchup all unread comments User Account Info | Logout | XML/Pilot/etc versions | Long version (with comments) | Weblog archives | Site Map | | Browse Topics

WhatsApp vulnerability

2017-01-13 20:23:05.078702+01 by Dan Lyke 2 comments

Edit: Open Whisper Systems: There is no WhatsApp 'backdoor'.

WhatsApp vulnerability allows snooping on encrypted messages.

WhatsApp’s end-to-end encryption relies on the generation of unique security keys, using the acclaimed Signal protocol, developed by Open Whisper Systems, that are traded and verified between users to guarantee communications are secure and cannot be intercepted by a middleman.

However, WhatsApp has the ability to force the generation of new encryption keys for offline users, unbeknown to the sender and recipient of the messages, and to make the sender re-encrypt messages with new keys and send them again for any messages that have not been marked as delivered.

Do not trust Facebook or closed-source with your communications.

[ related topics: Invention and Design Cryptography ]

comments in descending chronological order (reverse):

#Comment Re: WhatsApp vulnerability made: 2017-01-23 21:41:18.656524+01 by: Dan Lyke

WhatsAp p, Signal, and dangerously ignorant journalism

#Comment Re: WhatsApp vulnerability made: 2017-01-17 19:08:33.927274+01 by: Dan Lyke

Hmmmm... this is apparently a complex issue: WhatsApp vulnerability described by the man who discovered it.