WhatsApp won't be as secure as you think: what about end-to-end encryption?

Cybercriminals will have access to information about devices linked to WhatsApp. (Illustrative image)

WhatsApp will have a security vulnerability that will allow information about the settings of linked devices to be leaked to other people.

Messaging platform I would like to calculate the gap, which… According to researcher Tal Be'eri, Displays data about the number of devices the account is used on.

Although some people prefer not to share this information to maintain privacy, The app can reveal this without your consent, Starting from the main phone to other devices Such as tablets or computers that have a WhatsApp account activated.

The digital protection expert pointed out that the WhatsApp security system known as E2EE shows the number of devices a person uses.

End-to-end encryption is a communication system where only connected users can read messages. (WhatsApp)

This happens because when a message is sent, the sender's device creates a different security key for each device owned by the person who will receive the message.

That's by saying, For each message sent, different security codes are generated for each device the content will reach. In addition, it is stated that this information can be viewed without any complications from the computer.

Using developer features in Google Chrome, you can examine WhatsApp Web session details, allowing you to discover gray data, such as security keys generated for each contact.

If multiple keys appear associated with a message, this means that this person is using WhatsApp on more than one device with their number.

In the main cell phone settings you can link devices. (WhatsApp)

however, Just because these keys are visible does not mean that end-to-end encryption, which protects conversations, is at risk. This encryption is still effective, but the presence of multiple keys reveals the number of devices linked to the WhatsApp account.

See also  Big disaster: PC gamers are so upset about The Last of Us: Part 1, and all the critics are pointing in the same direction - The Last of Us: Part 1

By applying the above procedure, attackers have the ability to passively verify data on WhatsApp users' devices.

from here, It can detect if users have additional devices and identify any changes to the information on those devices By constantly monitoring that data.

With this information, attackers can choose the easier strategy and decide to attack the additional device before the main device, because these devices are usually more vulnerable.

In Chrome for Developers, it is possible to view the number of icons created. (media)

Additionally, they can customize their attacks by sending malicious code to primary mobile devices, while sending unsuspecting messages to secondary browsers or devices.

finally, These attackers have the ability to determine whether victims have changed their mobile phones or computers. This would allow them to launch new attacks or take advantage of any vulnerability that may exist in the new platform added by the user.

The stalker could probably infer that I was home or not, depending on which device I usedsaid Harlow Holmes, director of information security and digital security at the Freedom of the Press Foundation.

The specialist points out that to comprehensively solve this privacy problem, it is necessary to make modifications to the end-to-end encryption protocol (E2EE) that WhatsApp uses.

The expert contacted Meta and the company said that “this architecture is necessary.” (media)

Perry was to inform Meta of his discoveries on January 9. But the company that owns the WhatsApp application would not have considered them errors in the application’s programming.

See also  China's Tianwen 1 probe takes a selfie on Mars with a removable Wi-Fi camera

Meta is said to believe that these issues will be related to the way the security protocol is designed and, It seems they are not planning to make changes to the app.

As long as no changes are made to WhatsApp's E2EE protocol, it is recommended as a precaution to unlink and log out of the application every time you stop using a supplementary device such as a computer or tablet.

Lovell Loxley

"Alcohol buff. Troublemaker. Introvert. Student. Social media lover. Web ninja. Bacon fan. Reader."

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top