WhatsApp: A Pivotal Flaw Could Expose Your Chat History
By Pavithra Rathinavel | March 12, 2014 6:04 PM EST
WhatsApp users should be wary when downloading Android apps, according to a Consultant from Netherlands.
According to Business Insider, if you don't pay close attention to an app's permissions before downloading and installing, your WhatsApp chat history might land in the hands of a hacker.
The application features push notifications to get messages instantly messages from friends, colleagues and family. Switch from SMS to exchange messages, pictures, audio notes and video messages with WhatsApp users for free.
Bas Bosschert, a Consultant, system admin and entrepreneur (as described in his blog), has more than 10 years of experience working with Linux and Unix. He noted how developers can deceive WhatsApp users into awarding access to their entire message history.
WhatsApp backs up messages (chat history) in your phone's SD card, so apps can easily access this information if granted permission to do so. This data can then be transferred to the developer/hacker's personal Web server.
His blog post elaborated how to create such apps. It also held a couple of screenshots to clarify the questions and doubts. He alleged anyone using his code (as described in his screenshots) on an Android game/app should extract WhatsApp user's chat history.
The user will not know that his data is being extracted. He can only see a loading screen when the game is started.
From the time Facebook acquired WhatsApp, we have been hearing more news pertaining to the security of WhatsApp messages. In the previous month, there was a WhatsApp outage, where users could not log into the application for hours. Later, WhatsApp cited a Network Issue as the reason for the cited outage.
Thijs Alkemade, a student at Utrecht University in the Netherlands said, WhatsApps' incoming and outgoing messages were encrypted with the "same key." This means if an attacker intercepts these messages, he or she can analyze them to cancel out the key and recover the plain text, according to Business Insider.
The easiest way to avoid any security violation is by asserting an app's source and paying close attention to the app's permissions and policies before downloading and installing.
To contact the editor, e-mail:
Most Popular Slideshows
Join the Conversation
- Russia's New Tactical Nuclear Weapons Program Growing Confident Against the US: Talks of World War III
- Apple and Google Engage in Thermonuclear War, New Google Translate Chat App in the Works
- Kobani ISIS Fighter Sends Out Desperate Message For Prayers And Support: Euphoria Turns Into Desperation As Kurds Advance
- Chris Algieri’s Battered Face Trends On Social Media
- Home Depot Early Black Friday 2014 Sale Up To Nov. 29, 2014 Includes Special Buys On Appliances Such As Samsung Refrigerators, Whirlpool Electric Ranges And Hoover Vacuum Cleaners
- Andrew Robb Asks Obama Not to ‘Lecture’ Australia on Climate Change
- Highest Paid NBA Players 2014: NBA Stars Who Earn More Than LeBron James