Last year, the Facebook-owned messaging app Whatsapp, in a move applauded by privacy advocates, announced that it would be introducing end-to-end encryption to protect user data from being intercepted in transit, viewable only by sender and receiver. While, strictly speaking, WhatsApp did as it promised – using a system designed by Open Whisper Systems, creator of the Edward Snowden-endorsed messaging app Signal – it turns out that a fatal flaw in the encryption method has left a security hole that can be exploited, researchers from Brno University of Technology in the Czech Republic have discovered [PDF].
The Brno University researchers were able to reverse-engineer WhatsApp’s security protocol, which could give them access to supposedly encrypted messages sent via the app. How did it manage this if end-to-end encryption is really being implemented? While WhatsApp is using what is known as Public Key Encryption, it is using the same public key for every person, meaning that anyone who can decipher the key can access messages sent by any user, and that WhatsApp itself can access sent messages, something it claimed its end-to-end encryption would prevent.
An oversight like using the same public key for every user appears too specific to be accidental. Was WhatsApp presenting the illusion of end-to-end encryption to hide a secret backdoor from its customers? It’s a move that would certainly have the approval of the UK Government.
Plaion, a leading video game publisher, and Retro Games Ltd., a specialist in reimagined classic…
During the latest earnings call, NVIDIA CFO Colette Kress warned of a potential GPU supply…
Chinese sources say the GeForce RTX 5090, RTX 5080, RTX 5070 Ti, and RTX 5070…
GTA 6 doesn’t have an official release date yet, but it has already earned a…
Stay on Point with ActiveTrack 6.0 - With upgraded tracking tech, OM 6 sticks to…
Pack includes three Wiser Radiator Thermostats. These smart radiator thermostats are only designed to work…