What's WhatsApp's Weak Spot?

Unless you are a newbie in the tech world, you are probably well aware that apps and programs have weak spots. These vulnerabilities could in fact leak your private data. But it is especially concerning to read that WhatsApp’s messages are no longer as private as we all would want them to be. To get things started, we must first talk about what network security means in terms of WhatsApp.

What’s Up With WhatsApp?

The app, which is now owned by Facebook, should handle encrypted messages so that they protect the sender’s privacy. However, according to Tobias Boelter – a cryptography researcher at the prestigious University of California, Berkeley – this has not been so for a while.


This April, Boelter even advised Facebook to make changes to the app due to security concerns. However, this has not yet been fixed. It is also referred to as a backdoor – a false vulnerability.

How Does WhatsApp Vulnerability Work?

Boelter went a step further and explained on his blog, for the general public, how this vulnerability works in real life. When an encrypted message is sent but not delivered, it leaves room for a third party to intervene with your messages and get the WhatsApp server to re-encrypt the original message using a new encryption key. This enables the third party to receive the original message. This issue has also been recognized by several other cryptographers, who do not see it as a backdoor but rather refer to it as an issue which should be fixed.

What Does That Mean For WhatsApp’s Billion Users?

So, this really leaves room for any one of the billion users of WhatsApp to question the safety of their messages. Since the service has been in the possession of Facebook, millions of users have given this app their trust and used it despite the security issues.

The company explains that users should verify their identities through the security notifications, which allow each user to get an alert message informing them if a message has been re-encrypted with a new security key. It has also called false the claims that this is a backdoor which allows governments to decrypt message streams.
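
The re-encryption behaviour described under "How Does WhatsApp Vulnerability Work?" and the security notification described above can be compared in a small model. This is an added example, not code from WhatsApp or from Boelter's blog. It assumes the undelivered message waits on the sending side, uses opaque key labels instead of real cryptography, and the `hold_until_verified` policy and all names in it are hypothetical.

```python
from dataclasses import dataclass, field

@dataclass
class Sender:
    """Toy sending client. Keys are opaque labels; no real cryptography is done."""
    hold_until_verified: bool = False   # assumed stricter policy, not from the page
    known_key: dict = field(default_factory=dict)  # contact -> key last accepted
    pending: list = field(default_factory=list)    # (contact, text) not yet delivered
    alerts: list = field(default_factory=list)     # security notifications shown
    wire: list = field(default_factory=list)       # (contact, key_used, text) sent

    def send(self, contact, key, text, delivered):
        self.known_key.setdefault(contact, key)
        self.wire.append((contact, self.known_key[contact], text))
        if not delivered:
            self.pending.append((contact, text))

    def on_key_change(self, contact, new_key):
        """A new key is announced for contact while messages are still pending."""
        resent = [] if self.hold_until_verified else self._flush(contact, new_key)
        self.alerts.append(f"key for {contact} changed; {len(resent)} re-encrypted")
        return resent

    def verify(self, contact, new_key):
        """The user has compared the new key out of band and accepts it."""
        return self._flush(contact, new_key)

    def _flush(self, contact, key):
        self.known_key[contact] = key
        resent = [t for c, t in self.pending if c == contact]
        self.pending = [(c, t) for c, t in self.pending if c != contact]
        self.wire.extend((contact, key, t) for t in resent)
        return resent

def run(hold):
    """Constructed scenario: one undelivered message, then a key change."""
    s = Sender(hold_until_verified=hold)
    s.send("bob", "KEY_A", "meet at 6", delivered=False)
    resent = s.on_key_change("bob", "KEY_B")
    return s, resent

if __name__ == "__main__":
    for hold in (False, True):
        s, resent = run(hold)
        print(hold, resent, s.alerts, s.pending)
```

With the default policy the notification is recorded only once the pending message has already gone out under the new key; with the hold policy nothing leaves the queue until `verify` is called.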