What about security features on the user-facing side of WhatsApp. While metadata does not allow anyone to read your messages, it lets authorities know whom and when you messaged someone, and for how long.īut that’s on the back-end. This is one of the major criticisms of WhatsApp’s security model. Also, it does not encrypt the metadata which is used to carry communication between two endpoints. It’s also noteworthy that even though all your communication on WhatsApp uses E2E encryption, the company does not encrypt backups (cloud and local). That’s a good thing, because the Signal protocol is open source, widely peer-reviewed, and is generally considered one of the best protocols for implementing end-to-end encryption in messaging platforms.
That said, it’s noteworthy that WhatsApp uses the E2E protocol developed by Open Whisper Systems, which is the name behind Signal messenger. WhatsApp can’t decrypt the contents of your messages, calls, photos, etc, thus ensuring your security and privacy. What that means, is that you and the recipient are the only people who can read the messages you send to them.
So all your messages, video calls, voice calls, photos, and anything else you share is end-to-end encrypted on WhatsApp. Plus, E2E on WhatsApp is available on every single mode of communication that the app enables. It can be found in Settings>Account>Security>”Show security notifications”.One thing that WhatsApp definitely has going for it is its end-to-end encryption. However, there is a feature in WhatsApp that notifies the user if the encryption key changed. The loophole (backdoor) still exists and there is no way for the user to prevent it. “If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys,” Boelter told The Guardian.īoelter informed Facebook about the issue in April last year, but the company was already aware of the same in advance and wasn’t interested in fixing it. The research throws light on the fact that Facebook (via WhatsApp) can change the cryptographic key for any undelivered message – when the app is not connected to the internet – which in turn allows them to read it. To enable encryption, a unique cryptographic key exchange takes place between the sender and receiver. The key encrypts or decrypts the messages. According to Boelter, Whatsapp’s encryption system has a loophole (or a backdoor) that allows Facebook and friends to access the “encrypted” messages.
0 kommentar(er)
