Researchers claim to find a way to infiltrate WhatsApp Group chats

Share

A team of crytopgraphers from Germany's Ruhr University Bochum say they have uncovered flaws in WhatsApp's security that could limit the benefits of the messaging service's vaunted end-to-end encryption in group chats. "It's why we collect very little information and all messages sent on WhatsApp are end-to-end encrypted", the spokesperson added.

Once a new member who is uninvited has been added to the group, the confidentiality of the group will be broken as the member can access all the new messages and read them, claims one of the researchers.

After an initial story was published by Wired Facebook's chief security officer, Alex Stamos tweeted that it was not possible to access WhatsApp group chats.

"The phone of every participant in the group then automatically shares secret keys with that new member, giving him or her full access to any future messages", the report added.

While, the group and the chats themselves have a layer of end-to-end encryption, the servers that the chats run on don't. The obvious examples that come to mind are hackers who manage to gain access to WhatsApp servers or a government successfully pressuring WhatsApp to give it access to targeted group chats.

GAME BOY is Coming Back-in "Ultra" Form!
Hyperkin is reportedly planning to release the Ultra Game Boy by late summer of this year for a price point under $100. Based on reports from CES 2018, the Ultra Game Boy will function more or less like a classic Game Boy.

For the Signal messaging app, which uses the same underlying encryption protocol as WhatsApp, the security researchers found the app contains the same group chat vulnerability but further mitigated by an attacker not only having to control the relevant Signal server but also having to know the Group ID number for the chat (and these IDs are essentially unguessable).

The vulnerabilities found in Threema and Signal are relatively harmless compared to the problems researchers found with WhatsApp, because of the relative ease with which new people can be inserted into private groups without any permission.

'We built WhatsApp so group messages can not be sent to a hidden user. Someone with control of WhatsApp's servers can add a new person to a group without administrator even knowing, is what the researchers claim.

Perhaps even more troubling, a compromised admin with control of the server could manipulate the messages that would alert group members that someone new had been added, according to the researchers.

New additions to the group chat would be notified to all members of the chat just like normal.

Doctor Accused of Having Wife Killed to Protect Drug Empire
According to prosecuters, James Kauffman said he would sooner kill April than grant the divorce and lose half his empire. Last June, police and Federal Bureau of Investigation agents launched a raid on Kauffman's home and medical practice.

"We've looked at this issue carefully", a spokesman told us.

The system relies on unique security keys "that are traded and verified between users to guarantee communications are secure and can not be intercepted by a middleman", the report said.

The messaging giant added "end-to-end encryption" two years ago, which it was thought to have made messaging more secure as the messages were scrambled so that they could only be read by those who were meant to receive them.

"Given the alternatives, I think that's a pretty reasonable design decision, and I think this headline pretty substantially mischaracterizes the situation".

Is singing a Hindu prayer in KVs permissible? SC decides
Veenayak's petition challenged the validity of Article 92 of the "Revised Education Code of Kendriya Vidyalaya Sangathan". After the azans and other mythological beliefs now the sword is hanging on the morning prayers sung in the school.

Share