WhatsApp Encryption Backdoor Warning
Popular messaging App WhatsApp a free cross-platform end-to-end encrypted messaging app owned by facebook has been found to be using poor security vulnerability patching allowing snooping not only on individual messages but whole conversations. Is this a backdoor or poor coding on Whatsapp’s behalf?
Tobias Boelter blogged about this vulnerability on january 13 2017. Tobias was quoted saying;
this flaw can be explained as a programming bug. Just a missed “if” statement for one of the corner cases. It is a type of flaw that is not necessarily introduced by malice, just like many other critical vulnerabilities in important products that are reported daily.
But Facebook showed no interest in fixing the flaw since I reported it to them in April 2016. So maybe it was a bug first, but when discovered it got started being used as a backdoor?
In plain English, WhatsApp hasn't done anything about this vulnerability after being notified which could indicate they want it there and the possibility of people or organisations to use this vulnerability and read private conversations.
A group of security experts have written an open letter to the Guardian, claiming the report is misleading.
Unfortunately, your story was the equivalent of putting “VACCINES KILL PEOPLE” in a blaring headline over a poorly contextualized piece. While it is true that in a few cases, vaccines kill people through rare and unfortunate side effects, they also save millions of lives.