WhatsApp Seeks to Calm Worries Over "Backdoor" Code
According to a blog post by security expert Tobias Boelter, a bug in the app means that some messages which are sent via WhatsApp can be intercepted and read by the company - even though it flat-out denied that such was the case when it was asked by Boelter back in April 2016. The problem, Boelter claims, comes when encryption keys are reissued.
Speaking to the Guardian (which is calling the flaw a '"vulnerability" rather than a "backdoor") Boelter said: “If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys.” Other privacy campaigners have claimed that such a discrepancy is "a huge threat to freedom of speech" which "could be exploited by government agencies."
In response, however, WhatsApp issued a statement saying:
Now, it would be very surprising to learn that WhatsApp, a company renowned for its privacy and high security and end-to-end encryption measures, is in fact intercepting messages sent by its users. It would be even more surprising to learn that such a company would be prepared to share such information with security services. Whilst stranger things have happened, it's worth treating such concerns with a degree of scepticism. There is, after all, no evidence that such harvesting or sharing of data has taken place.
Still, scepticism runs two ways: and it is indeed quite worrying to see ambiguity lingering around whether or not WhatsApp can actually read the messages. In any case, it's also worrying that WhatsApp has simply brushed-off such accusations. After all, even if they are responsibly denying themselves the urge to harvest data and pass it on under the table (which would be approaching the worst case scenario), the capacity to do so is apparently there - and there's little to guarantee that their successors, or indeed their fellow technology companies, would rule as such enlightened despots; and could, in fact, simply use the precedent set by WhatsApp (of shrugging things off in this case) as a justification for their doing the same.
WhatsApp Seeks to Calm Worries Over "Backdoor" Code Reviewed by James Stannard on Tuesday, January 17, 2017 Rating: