Researchers claim WhatsApp group chats vulnerable, company denies

12 January, 2018, 15:15 | Author: Pamela Mathis
  • Creepy hackers could secretly eavesdrop on your private WhatsApp group chats, experts claim

According to a report in Wired, the researchers say that anyone who controls WhatsApp's servers can add people into private group chats, without getting the admin's permission.

The issues are encryption flaws and were detailed at the Real Word Crypto security conference in Zurich, Switzerland by researchers from Ruhr University Bochum in Germany.

The other participants will get a notification about a new user joining the group, but they have no way of knowing whether the new member was invited by the administrator (s). WhatsApp is a widely used messenger and is available in more than 60 different languages which include 10 Indian languages.

That any would-be eavesdropper would have to control the WhatsApp server limits the spying method to sophisticated hackers who could compromise those servers, WhatsApp staffers, or governments who legally coerce WhatsApp to give them access.

German cryptographers have found a way to infiltrate WhatsApp's group chats despite its end-to-end encryption.

OR physicians urge flu patients to call first due to overcrowding
The advice from Werker, Shahab and others is to stay home when you're sick, cough into your sleeve and always wash your hands. All three victims were over the age of 65 and had influenza A, said Tara Perkins, the Health District's director of nursing.


In a paper describing the flaw, titled "More is Less: On the End-to-End Security of Group Chats in Signal, WhatsApp, and Threema", the researchers explain how someone could take advantage of it.

WhatsApp has confirmed the researchers' findings but points out that it is not possible to add a new member to a group without members of that group being notified.

The application has already submitted the "Restricted Groups" setting via Google Play Beta Programme in the version 2.17.430 which will restrict other members from responding to group messages without the administrator's approval. They will have to use the "Message Admin" button to post a message or share media to the group. The flaw means that anyone in control of a WhatsApp server could, in theory, insert people into a conversation - either with the aim of simply eavesdropping, or diverting the conversation. Since the group ID is a random 128-bit number (and is never revealed to non-group-members or even the server) that pretty much blocks the attack.

Security experts note that WhatsApp threat might seem like an alarming flaw. "I think it would be better if the server didn't have metadata visibility into group membership, but that's a largely unsolved problem, and it's unrelated to confidentiality of group messages", he added. "And if not, the value of encryption is very little", researcher Paul Rösler was quoted saying in the report.

WhatsApp is working on a new group notifications feature where a user will be notified every time they are mentioned by someone.

Recommended:



Popular

China's surging exports widen trade surplus with US
The world's second-largest economy reported strong overall trade data for 2017. Customs is expected to release dollar-denominated trade data later on Friday.

PM wages war on plastic in new environment plan
The organisation also questioned why such a 25-year timescale was necessary for eliminating "avoidable" plastic waste. By that time, we would have added, at the current rate, nearly another 300million tonnes of plastic to our oceans.

A Huge Mudslide Just Tore Through California. This Is The Aftermath
But county emergency manager Jeff Gater said officials decided not to use the cellphone push alert system until 3:50 a.m. Kagel Canyon resident Patricia Beckmann Wells told the Los Angeles Times she expects to be trapped in her neighborhood.

Nintendo Direct Round-Up; Everything New Coming to Nintendo Switch
Wave 1 , releasing on January 31 will introduce the new battle character Aegislash with the support set Mega Rayquaza and Mimikyu. Now, the action RPG is coming to the Switch , delivering spruced up visuals, a new epilogue and rejigged controls.

Trump Suggests He Has 'Very Good Relationship' With North Korea's Kim
While Trump has referred to Jong-un as " rocket man ", his rival had previously called him a "mentally deranged dotard ". Trump has in the past called Kim "short and fat" and "a bad dude". "Not helpful enough, but they have been very helpful.

Camila Cabello Finally Responds to Fifth Harmony's VMA Diss: 'It Definitely Hurt'
John went on to praise the "OMG" singer, and stated that her "vibrancy" makes him want to get up and dance anytime he hears her music.

Tottenham's new White Hart Lane stadium to host Raiders-Seahawks NFL game
The other two will take place at Wembley Stadium, English soccer's national stadium, on October 21 or 28. Those interested in attending any of the games can go to www.ticketmaster.com/nfl for information.

Moneygram and Ripple Partner to speed up Transactions
MoneyGram will use XRP to speed up and reduce the cost of transferring money through the cryptocurrency's network xRapid . Global payments is a growing market, particularly with mobile solutions increasingly coming on board.

After Zuma, SpaceX keeps pace in preps for next Falcon 9 launch
According to Wired Magazine, Northrop Grumman supplied the adapter fitting connecting the Zuma payload with the Falcon 9 rocket. That will be followed by a January 18 night launch from the Cape of an Atlas V rocket and USA missile warning satellite.

Some Christian Celebrities Praise Oprah After Golden Globes Speech, Presidential Rumors
Over 30-plus years, she became the face of television talk shows, starred and produced feature films, and began her own network. After watching Oprah Winfrey's Golden Globe speech , I felt so empowered.