Such Tv Arabic
23 January 2018 Last updated 38 minutes ago

A huge WhatsApp design flaw that allows anyone to infiltrate private group chats

  • Published in Technology
  • Last modified onFriday, 12 January 2018 20:04
WhatsApp design flaw that allows anyone File Photo WhatsApp design flaw that allows anyone

A huge WhatsApp design flaw that allows anyone to infiltrate private group chats has been uncovered by security researchers.

Despite the service's end-to-end encryption, experts say hackers can insert people into WhatsApp groups without the permission of the chat's admin.

In response to the study, Facebook, which owns WhatsApp, has said it won't fix the problem, and that group chats 'remain protected' by the app's encryption.
Facebook's Chief Security Officer Alex Stamos wrote on Twitter that the bug is not effective because WhatsApp users are notified when new members join conversations.

The study was presented at the Real World Crypto security conference in Zurich, Switzerland, by a group of researchers from Ruhr University Bochum in Germany.

They found that anyone with control over WhatsApp's servers can add people to private group chats, including staff, hackers and governments who legally demand access.
Once a person has infiltrated a conversation, everyone in the chat automatically shares secret keys with that user.

This means they have access to all future messages, but cannot view past ones.

'The confidentiality of the group is broken as soon as the uninvited member can obtain all the new messages and read them,' study coauthor Paul Rosler, told Wired.

The researchers suggest that those seeking absolute privacy should stick to one-to-one chats or use a different encrypted messaging service.