comscore No, WhatsApp does not have any backdoors for government snooping: Open Whisper Systems
News

No, WhatsApp does not have any backdoors for government snooping: Open Whisper Systems

Both companies have explained how the reported backdoor is not dangerous, but just a feature.

iOS

A seemingly damning report has put a big question over how secure the WhatsApp messaging platform really is. Turns out a bug — which WhatsApp reportedly has known about for quite sometime — theoretically allows the company or a government agency to snoop on any encrypted messages sent over the platform. WhatsApp however has categorically refuted the report, calling it a false claim. Also Read - WhatsApp beta for iOS reveals changes, here's what users might get

Also Read - How to temporarily deactivate/permanently delete WhatsApp account

The Guardian was the first to report about the bug, which was discovered by Tobias Boelter, a security researcher at the University of California. This flaw is basically related to how the app deals with security keys that are essential for the end-to-end encrypted messages. In order to send the message to a receiver even if they are offline, the report claimed, WhatsApp compromised the entire encryption system. WhatsApp has the ability to force the generation of new encryption keys for offline users, unbeknown to the sender and recipient of the messages, and to make the sender re-encrypt messages with new keys and send them again for any messages that have not been marked as delivered, the report said. Also Read - WhatsApp COVID-19 relief efforts: How you can get resources during the pandemic

So in theory, this workaround would allow WhatsApp or any government agency to get access to your encrypted messages. But the company is adamant that is not the case. “The Guardian posted a story this morning claiming that an intentional design decision in WhatsApp that prevents people from losing millions of messages is a ‘backdoor’ allowing governments to force WhatsApp to decrypt message streams. This claim is false,” a WhatsApp spokesperson said in a statement sent to TechCrunch. “The design decision referenced in the Guardian story prevents millions of messages from being lost, and WhatsApp offers people security notifications to alert them to potential security risks,” the statement added.

It s not just WhatsApp, but even Open Whisper System has called the claims made by The Guardian report as false. For the uninitiated, Open Whisper System are the developers of the Signal protocol, which WhatsApp uses for its end-to-end encryptions. According to the company, the changing of encryption keys is a normal occurrence in cryptography, and a key is usually changed when someone gets a new device, or even just reinstalls the app, their identity key pair will change . WhatsApp also gives users the option to be notified when those changes occur, but this option is not turned on by default. But the security company assures that the system has been designed in such a way that WhatsApp server has no knowledge of whether users have enabled the change notifications, or whether users have verified safety numbers. WhatsApp could try to “man in the middle” a conversation, just like with any encrypted communication system, but they would risk getting caught by users who verify keys. ALSO READ: WhatsApp reportedly working on Enterprise service, likely to launch later this year

The fact that WhatsApp handles key changes is not a “backdoor,” it is how cryptography works, the company s blog reads. Any attempt to intercept messages in transmit by the server is detectable by the sender, just like with Signal, PGP, or any other end-to-end encrypted communication system.

If you are nonetheless worried about your encrypted messages being read by someone else, you can choose to be notified if the security key of the receiver has changed. To do this, head over to Settings -> Accounts -> Security, and turn on Show Security Notifications . ALSO READ: Beware! Message claiming WhatsApp, Facebook to start billing for usage is a hoax

WhatsApp isn t the only messaging app under the spotlight. A Buzzfeed investigation has revealed a potential security hazard in the messaging app Signal. The report claims that when you sign up using your phone number, almost everyone that has your number can see that you are using the app. Since Signal is mostly used by privacy advocates or whistleblowers, you are invariably a part of the guilty party.

The same report also casts doubt over Telegram, which is another of the secure messaging apps. It claims that Russia s Federal Security Service (FSB) has compromised the app. An FSB cyber operative flagged up the Telegram enciphered commercial system as having been of especial concern and therefore heavily targeted by the FSB, not least because it was used frequently by Russian internal political activists and opportunists. His/her understanding was that the FSB now successfully had cracked this communications software and therefore it was no longer secure to use, the report reads.

BONUS VIDEO: WhatsApp Tips and Tricks: How to Change Your Registered Phone Number

For the latest tech news across the world, latest PC and Mobile games, tips & tricks, top-notch gadget reviews of most exciting releases follow BGR India’s Facebook, Twitter, subscribe our YouTube Channel. Also follow us on  Facebook Messenger for latest updates.
  • Published Date: January 14, 2017 1:28 PM IST



new arrivals in india

Vivo Y73
Vivo Y73

20,990

OnePlus Nord CE 5G
OnePlus Nord CE 5G

22,999

iQOO Z3
iQOO Z3

19,990

Realme C25s
Realme C25s

9,999

Poco M3 Pro 5G
Poco M3 Pro 5G

13,999

Realme X7 Max 5G
Realme X7 Max 5G

26,999

Oppo F19
Oppo F19

18,990

Motorola Moto G40 Fusion
Motorola Moto G40 Fusion

13,999

POCO M2 Reloaded
POCO M2 Reloaded

9,499

OPPO A74 5G
OPPO A74 5G

17,990

Oppo A53s 5G
Oppo A53s 5G

14,990

Vivo V21 5G
Vivo V21 5G

29,990

Realme C25
Realme C25

9,499

Realme C21
Realme C21

7,999

Realme C20
Realme C20

6,799

Motorola Moto G60
Motorola Moto G60

17,999

iQOO 7
iQOO 7

31,990

Samsung Galaxy M42 5G
Samsung Galaxy M42 5G

21,999

Xiaomi Mi 11 Ultra
Xiaomi Mi 11 Ultra

69,999

Xiaomi Mi 11X Pro 5G
Xiaomi Mi 11X Pro 5G

39,999

Xiaomi Mi 11X
Xiaomi Mi 11X

29,999

Realme 8 5G
Realme 8 5G

13,999

Samsung Galaxy F02s
Samsung Galaxy F02s

8,999

Samsung Galaxy F12
Samsung Galaxy F12

10,999

POCO X3 Pro
POCO X3 Pro

18,999

Realme 8 Pro
Realme 8 Pro

17,999

Realme 8
Realme 8

14,999

Vivo X60 Pro Plus
Vivo X60 Pro Plus

69,990

Vivo X60 Pro
Vivo X60 Pro

49,990

Vivo X60
Vivo X60

37,990

OnePlus 9 Pro 5G
OnePlus 9 Pro 5G

64,999

OnePlus 9R 5G
OnePlus 9R 5G

39,999

OnePlus 9 5G
OnePlus 9 5G

49,999

Samsung Galaxy A72
Samsung Galaxy A72

34,999

Samsung Galaxy A52
Samsung Galaxy A52

26,499

Micromax In 1
Micromax In 1

10,499

Asus ROG Phone 5
Asus ROG Phone 5

49,999

Samsung Galaxy M12
Samsung Galaxy M12

10,999

Motorola Moto G30
Motorola Moto G30

10,999

Motorola Moto G10 Power
Motorola Moto G10 Power

9,999

Oppo F19 Pro Plus 5G
Oppo F19 Pro Plus 5G

25,990

Oppo F19 Pro
Oppo F19 Pro

21,490

Xiaomi Redmi Note 10 Pro Max
Xiaomi Redmi Note 10 Pro Max

18,999

Xiaomi Redmi Note 10 Pro
Xiaomi Redmi Note 10 Pro

15,999

Xiaomi Redmi Note 10
Xiaomi Redmi Note 10

11,999

Realme Narzo 30A
Realme Narzo 30A

8,999

Realme Narzo 30 Pro
Realme Narzo 30 Pro

16,999

Infinix Smart 5
Infinix Smart 5

7,199

Samsung Galaxy F62
Samsung Galaxy F62

23,999

Samsung Galaxy A12
Samsung Galaxy A12

12,999

Nokia 5.4
Nokia 5.4

13,999

Nokia 3.4
Nokia 3.4

11,999

Realme X7 Pro 5G
Realme X7 Pro 5G

29,999

Realme X7
Realme X7

19,999

Vivo Y31
Vivo Y31

16,490

Oppo Reno5 Pro 5G
Oppo Reno5 Pro 5G

35,990

Samsung Galaxy S21 Ultra 5G
Samsung Galaxy S21 Ultra 5G

1,05,999

Samsung Galaxy S21 Plus 5G
Samsung Galaxy S21 Plus 5G

81,999

Samsung Galaxy S21 5G
Samsung Galaxy S21 5G

69,999

Vivo Y12s
Vivo Y12s

9,990

Vivo Y51A
Vivo Y51A

17,990

Samsung Galaxy M02s
Samsung Galaxy M02s

8,999

Xiaomi Mi 10i
Xiaomi Mi 10i

21,999

Oppo A15s
Oppo A15s

11,490

Tecno Spark 6 Go
Tecno Spark 6 Go

8,499

Vivo V20 2021
Vivo V20 2021

24,990

Vivo Y20A
Vivo Y20A

11,490

Xiaomi Redmi 9 Power
Xiaomi Redmi 9 Power

11,999

Motorola Moto G9 Power
Motorola Moto G9 Power

11,999

Motorola Moto G 5G
Motorola Moto G 5G

20,999

Vivo V20 Pro
Vivo V20 Pro

29,990

Xiaomi Mi 10T
Xiaomi Mi 10T

35,999

Xiaomi Redmi 9i
Xiaomi Redmi 9i

8,299

Xiaomi Mi 10T Pro
Xiaomi Mi 10T Pro

39,999

Infinix Hot 10
Infinix Hot 10

9,999

Vivo V20 SE
Vivo V20 SE

20,990

Vivo V20
Vivo V20

24,990

Micromax In 1b
Micromax In 1b

6,999

Micromax In Note 1
Micromax In Note 1

10,999

OnePlus 8T
OnePlus 8T

42,999

Samsung Galaxy F41
Samsung Galaxy F41

15,499

Apple iPhone 12 Pro Max
Apple iPhone 12 Pro Max

1,29,900

Apple iPhone 12 Pro
Apple iPhone 12 Pro

1,19,900

Apple iPhone 12 Mini
Apple iPhone 12 Mini

69,900

Apple iPhone 12
Apple iPhone 12

79,900

Poco X3
Poco X3

16,999

Realme Narzo 20A
Realme Narzo 20A

8,499

Realme Narzo 20
Realme Narzo 20

10,499

Realme Narzo 20 Pro
Realme Narzo 20 Pro

13,999

Oppo F17
Oppo F17

16,990

Samsung Galaxy M51
Samsung Galaxy M51

22,999

Poco M2
Poco M2

10,999

Oppo F17 Pro
Oppo F17 Pro

22,990

Realme 7 Pro
Realme 7 Pro

19,999

Realme 7
Realme 7

14,999

Xiaomi Redmi 9A
Xiaomi Redmi 9A

6,799

Vivo Y20
Vivo Y20

12,990

Xiaomi Redmi 9
Xiaomi Redmi 9

8,999

Nokia 5.3
Nokia 5.3

13,999

Best Sellers