WhatsApp denies encrypted messages can be intercepted
"The Guardian posted a story this morning claiming that an intentional design decision in WhatsApp that prevents people from losing millions of messages is a `backdoor` allowing governments to force WhatsApp to decrypt message streams. This claim is false," said a company spokesperson in a statement sent to TechCrunch.
WhatsApp has denied the reports that encrypted messages on its platform can be read or intercepted, saying it has a design decision relating to message delivery, with new keys being generated for offline users in order to ensure messages do not get lost in transit.
The Guardian reported on Friday that a security vulnerability that can be used to allow Facebook and others to intercept and read encrypted messages has been found within its WhatsApp messaging service.
"The Guardian posted a story this morning claiming that an intentional design decision in WhatsApp that prevents people from losing millions of messages is a `backdoor` allowing governments to force WhatsApp to decrypt message streams. This claim is false," said a company spokesperson in a statement sent to TechCrunch.
WhatsApp said that it does not give governments a "backdoor" into its systems and would fight any government request to create a backdoor.
"The design decision referenced in the Guardian story prevents millions of messages from being lost, and WhatsApp offers people security notifications to alert them to potential security risks," the statement added.
WhatsApp has published a technical white paper on its encryption design, and has been transparent about the government requests it receives, publishing data about those requests in the Facebook Government Requests Report.
The security issue was detected by Tobias Boelter, a cryptography and security researcher and reported by the Guardian.
"If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys," Boelter was quoted as saying.
However, many security commentators have said that the vulnerability being claimed to be discovered is nothing new "but rather a rehashing of the long-standing issue of how key verification is implemented within an encrypted system."
"If someone would demand WhatsApp to implement a backdoor, you might expect them to implement something more obvious. Like responding with the history of all conversations when triggered to so do with a certain secret message. Furthermore, this flaw can be explained as a programming bug," Boelter was quoted as saying.
He said that Facebook did not fix the flaw since he reported it to them in April 2016.
"So maybe it was a bug first, but when discovered it got started being used as a backdoor," he added.
Get Latest Business News, Stock Market Updates and Videos; Check your tax outgo through Income Tax Calculator and save money through our Personal Finance coverage. Check Business Breaking News Live on Zee Business Twitter and Facebook. Subscribe on YouTube.
RECOMMENDED STORIES
Power of Compounding: How long it will take to build Rs 5 crore corpus with Rs 5,000, Rs 10,000 and Rs 15,000 monthly investments?
Small SIP, Big Impact: Rs 1,111 monthly SIP for 40 years, Rs 11,111 for 20 years or Rs 22,222 for 10 years, which do you think works best?
11:47 AM IST