A security issue could allow Facebook and other parties to intercept and read the messages you send via WhatsApp.
The flaw, which is more of a design choice than anything, has to do with how WhatsApp generates unique security keys to ensure its users’ messages are protected with end-to-end encryption.
The popular messaging app leverages the Signal protocol, developed by Open Whisper Systems, to help users trade and verify security keys between themselves. This exchange process helps to secure a conversation. It prevents a middleman from eavesdropping on the content of each message.
But while WhatsApp uses the Signal protocol, it’s not exactly the same as the Snowden-approved messaging app. The difference is that WhatsApp automatically generates new security keys when a user goes offline, which means it re-encrypts a message that’s not been delivered using those new keys and sends it again. Doing so technically empowers WhatsApp, Facebook (its owner), and others to intercept and read the message.
Tobias Boelter, a cryptography and security researcher at the University of California Berkeley who discovered the flaw, says WhatsApp could exploit this protocol to comply with government requests for users’ data.
As he told The Guardian:
“If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys.”
Could isn’t the same as would, however.
A spokesperson for WhatsApp stated as much in response to The Guardian’s article. They also took issue with the suggestion that WhatsApp would surrender users’ data to government officials without notifying them of its decision to do so. In reality, the company representative said this insinuation couldn’t be further from the truth.
As quoted in a statement published by TechCrunch:
“WhatsApp does not give governments a ‘backdoor’ into its systems and would fight any government request to create a backdoor. The design decision referenced in the Guardian story prevents millions of messages from being lost, and WhatsApp offers people security notifications to alert them to potential security risks. WhatsApp published a technical white paper on its encryption design, and has been transparent about the government requests it receives, publishing data about those requests in the Facebook Government Requests Report.”
Indeed, users of the encrypted messaging app can activate a “Show Security Notifications” setting that alerts them if and when the security keys of one of their contacts change. Someone who has enabled the setting will receive a notification when their contact changes their phone or SIM card, for instance.
Still, that doesn’t mean WhatsApp should automatically resend the message without letting the user know about it first. What it could and probably should do is follow Signal’s example in notifying the user the keys have changed and not automatically resend a message. That way, a user could perhaps contact their correspondent via other means to inquire about the change in security keys. Alternatively, they might decide to end the conversation outright and delete the unsent message rather than risk getting exposed.
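The difference between the two behaviours can be shown with a toy model of the sending client. This is an added example, not WhatsApp's or Signal's code: the class, method and key names are hypothetical, and encryption is represented only by recording which recipient key each message was sealed to.

```python
from dataclasses import dataclass, field

@dataclass
class Sender:
    """Toy sending client. 'Encryption' is modelled only as a record of which
    recipient key each message was sealed to; no real cryptography is used."""
    blocking: bool      # True: hold messages on key change; False: resend automatically
    notify: bool        # whether the key-change notice is shown to the user
    trusted_key: str    # recipient key the sender currently encrypts to
    pending: list = field(default_factory=list)   # sent but not yet delivered
    wire: list = field(default_factory=list)      # (key, plaintext) handed to the server
    notices: list = field(default_factory=list)   # what the user actually sees

    def send(self, text):
        self.pending.append(text)
        self.wire.append((self.trusted_key, text))

    def delivered(self, text):
        self.pending.remove(text)

    def on_key_change(self, new_key):
        if self.notify or self.blocking:
            self.notices.append(f"security key changed: {new_key}")
        if not self.blocking:
            self.accept_key(new_key)      # no user decision involved

    def accept_key(self, new_key):
        """In blocking mode this runs only after the user has verified the key."""
        self.trusted_key = new_key
        for text in self.pending:         # re-encrypt undelivered messages
            self.wire.append((new_key, text))

def sealed_to(sender, key):
    """Plaintexts that were encrypted to the given recipient key."""
    return [text for k, text in sender.wire if k == key]

def scenario(blocking, notify):
    """Constructed scenario: one delivered message, one undelivered, then the
    server announces a new, unverified key for the recipient."""
    s = Sender(blocking=blocking, notify=notify, trusted_key="KEY_OLD")
    s.send("hello"); s.delivered("hello")
    s.send("meet at 9")                   # recipient offline, stays pending
    s.on_key_change("KEY_NEW")
    return s

if __name__ == "__main__":
    for name, s in [("non-blocking", scenario(False, False)),
                    ("blocking", scenario(True, True))]:
        print(name, sealed_to(s, "KEY_NEW"), s.notices)
```

In the non-blocking run the undelivered message is sealed to the unverified key before the user can react; in the blocking run nothing is sealed to it until `accept_key` is called.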
Is this flaw a government backdoor? No. But it is a chink in WhatsApp’s claim to protecting its users. Let’s hope the company thinks over this issue and decides to implement some changes as a result.
3 comments on “WhatsApp vulnerability could allow Facebook and others to read messages”
David, here's an important quote from The Guardian story:
"Asked to comment specifically on whether Facebook/WhatsApp had accessed users’ messages and whether it had done so at the request of government agencies or other third parties, it directed the Guardian to its site that details aggregate data on government requests by country."
"WhatsApp later issued another statement saying: “WhatsApp does not give governments a ‘backdoor’ into its systems and would fight any government request to create a backdoor.”"
This is crucial because the first paragraph doesn't answer the reporter's question: have WhatsApp broken encryption on behalf of the government? They could have categorically denied it and said "no" but they didn't.
The second paragraph is WhatsApp saying they haven't built a backdoor FOR governments. That's important, it implies that the 'backdoor' exists (we now know it does), but that it'll be used BY WhatsApp on a case-by-case basis (i.e. on behalf of the governments).
The other thing I dislike is that the 'Security Notifications' option is off by default. Even if somebody had switched it on, only the sender, and not the recipient, would be notified of a key change. The behaviour in Signal is different.
Your article David doesn't reference the comments of Lead Developer Moxie Marlinspike who helped WhatsApp implement the Signal ratchet. He has written a blog post which readers may find informative:
The gist of the article is this:
"The only question it might be reasonable to ask is whether these safety number change notifications should be "blocking" or "non-blocking." In other words, when a contact's key changes, should WhatsApp require the user to manually verify the new key before continuing, or should WhatsApp display an advisory notification and continue without blocking the user."
"Given the size and scope of WhatsApp's user base, we feel that their choice to display a non-blocking notification is appropriate."
The Guardian have also published a couple of related articles as well:
Thanks to Bob, he made the most important point, Signal is the safest, more secure app. We all know that Facebook has its sights set on somehow, or eventually gaining insight into all that hidden data to try and monetize the information to serve ads. Facebook has also been caught with both hands in the cookie jar many times before. In other words, less than trustworthy over time. So, as always, the big techies are always putting profits over users. Is greed the right word?
Bottom line: if you care about security, just use Signal.