WhatsApp: A Pivotal Flaw Could Expose Your Chat History
By Pavithra Rathinavel | March 12, 2014 6:04 PM EST
WhatsApp users should be wary when downloading Android apps, according to a Consultant from Netherlands.
According to Business Insider, if you don't pay close attention to an app's permissions before downloading and installing, your WhatsApp chat history might land in the hands of a hacker.
The application features push notifications to get messages instantly messages from friends, colleagues and family. Switch from SMS to exchange messages, pictures, audio notes and video messages with WhatsApp users for free.
Bas Bosschert, a Consultant, system admin and entrepreneur (as described in his blog), has more than 10 years of experience working with Linux and Unix. He noted how developers can deceive WhatsApp users into awarding access to their entire message history.
WhatsApp backs up messages (chat history) in your phone's SD card, so apps can easily access this information if granted permission to do so. This data can then be transferred to the developer/hacker's personal Web server.
His blog post elaborated how to create such apps. It also held a couple of screenshots to clarify the questions and doubts. He alleged anyone using his code (as described in his screenshots) on an Android game/app should extract WhatsApp user's chat history.
The user will not know that his data is being extracted. He can only see a loading screen when the game is started.
From the time Facebook acquired WhatsApp, we have been hearing more news pertaining to the security of WhatsApp messages. In the previous month, there was a WhatsApp outage, where users could not log into the application for hours. Later, WhatsApp cited a Network Issue as the reason for the cited outage.
Thijs Alkemade, a student at Utrecht University in the Netherlands said, WhatsApps' incoming and outgoing messages were encrypted with the "same key." This means if an attacker intercepts these messages, he or she can analyze them to cancel out the key and recover the plain text, according to Business Insider.
The easiest way to avoid any security violation is by asserting an app's source and paying close attention to the app's permissions and policies before downloading and installing.
To contact the editor, e-mail:
Join the Conversation
- Black Friday 2014 Sale: Top Deals On Game Consoles Xbox One, PS4, Nintendo Wii U And More
- Walmart Pre-Black Friday 2014 Sale On Nov. 21, 2014 Includes Discounts On The 'NBA 2K15' For PS4 And The 'Skylanders Trap Team’ Starter Kit [WATCH VIDEO]
- Alleged 'Microsoft Lumia 1030' Front Panel Leaked With Capacitive Buttons; 'Xbox One' Owners To Get Free Goodies On Anniversary
- More Bad News for Android 5.0 Lollipop As Problems Come In for Nexus and Other Devices
- BlackBerry Classic (aka Q20) Keyboard Shortcuts Explained In A Quick Video
- US To Supply Defensive Lethal Weapons To Kiev – A Vey Alarming Signal, Says Russia
- Amazon Black Friday 2014 Deals Start On Nov. 21, 2014 Including Limited-Time Lightning Deals And Deals Of The Day On Clothes, Toys, Jewelry, Watches, Bags, Accessories And Electronics