WhatsApp backdoor: end-to-end encryption not so secure

Next story


Popular messaging app ‘WhatsApp’ is in some hot water over a backdoor into their famed end-to-end encryption.

WhatsApp is a free instant messenger application for smartphones and mobile devices. It uses Wi-Fi or data to send text messages, images, voice calls, video calls and voice notes to other users.

The application, recently acquired by Facebook, has been previously acclaimed for its end-to-end encryption. Facebook even claims that no one can intercept WhatsApp messages, not even the company or its staff.

However, recent research shows that the company can in fact read messages due to end-to-end encryption protocol.

Privacy is WhatsApp’s main selling point, and due to ‘secure’ communication, it is the messaging choice of many celebrities and politicians. The vulnerability is a ‘huge threat to freedom of speech’, and it is said that governments can use this protocol to access users’ messages.

Mark James, ESET IT Security Specialist, discusses why end-to-end encryption is important to some users.

“Not everyone will use WhatsApp because it has end-to-end encryption, some will use it because that’s what their other social contacts use and they will want to communicate or be available.

“For some the choice of what we use is strongly governed by its ability to encrypt or protect our data.

“One of the biggest problems for all these apps is that we have to believe that what the supplier states is true.

“After all, most don’t understand what end-to-end encryption actually means, just that it’s safer to use it if you don’t want someone else reading or accessing your private data.

“If WhatsApp state “When end-to-end encrypted, your messages and calls are secured so only you and the person you're communicating with can read or listen to them, and nobody in between, not even WhatsApp” then that should be the case 100% of the time.

“In certain conditions the government could have access to and can read your private messages sent through WhatsApp, so it all boils down to what you use WhatsApp for.

“If you use it because the end-to-end encryption will keep your messages safe from “anyone” reading them at any time, then you should choose another product that can guarantee that 100% of the time. If not, then continue using it but be aware that it is not as private as you thought.

Do you use WhatsApp? Does this news make you want to find a different app? Let us know on Twitter @ESETUK

Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.