{"id":5843,"date":"2017-01-18T22:34:23","date_gmt":"2017-01-18T22:34:23","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/01\/18\/news-48\/"},"modified":"2017-01-18T22:34:23","modified_gmt":"2017-01-18T22:34:23","slug":"news-48","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2017\/01\/18\/news-48\/","title":{"rendered":"Security hole in WhatsApp and how to fix it"},"content":{"rendered":"

Friday the 13th is always a day that superstitious people look to find bad news tied to random events or actions, like a black cat crossing their path or breaking a mirror. However on some occasions, bad news can also break on such an “unlucky” day.<\/p>\n

\"Security<\/a> <\/p>\n

Today, marks one of those occasions as The Guardian<\/em> broke a story entitled WhatsApp backdoor allows snooping on encrypted messages<\/a>. The story focuses on a reported security backdoor from researcher Tobias Boelter<\/a>.<\/p>\n

According to the exclusive in the Guardian:<\/p>\n

WhatsApp’s end-to-end encryption relies on the generation of unique security keys, using the acclaimed Signal protocol, developed by Open Whisper Systems<\/a>, that are traded and verified between users to guarantee communications are secure and cannot be intercepted by a middleman. However, WhatsApp has the ability to force the generation of new encryption keys for offline users, unbeknown to the sender and recipient of the messages, and to make the sender re-encrypt messages with new keys and send them again for any messages that have not been marked as delivered.<\/em><\/p>\n

\n
\n

How private is that private messenger really? https:\/\/t.co\/V7nGJpEikU<\/a> #mobile<\/a> #messenger<\/a> #privacy<\/a> pic.twitter.com\/WPESX5lR16<\/a><\/p>\n

— Kaspersky Lab (@kaspersky) January 11, 2017<\/a><\/p>\n<\/blockquote>\n