WhatsApp vulnerability could expose messages to prying eyes, report claims
When Facebook’s WhatsApp turned on end-end-end encryption in its messaging service last year, it was a big deal. As all eyes were glued on Apple’s fight with the FBI over unlocking the San Bernardino shooter’s iPhone, WhatsApp took a huge step toward protecting its users’ privacy by moving to encrypt all messages and calls being sent between its apps.
But a new report suggests it might not be as secure as users think. According to The Guardian, a serious vulnerability in WhatApp’s encryption could allow Facebook to intercept and read messages unbeknownst to the recipient, and only aware of by the sender if they have previously opted in to receive encryption warnings. The security flaw, which was discovered by Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley, can “effectively grant access (to users’ messages)” by changing the security keys and resending messages.