Facebook says outage was a result of incorrect server configuration

Facebook has said that a "server configuration change" was to blame for the worst outage in its history. Facebook and its apps Instagram, Facebook Messenger and WhatsApp suffered outages for a considerable time on Thursday, affecting users for some 12 hours in most areas of the world, with the biggest impact in North America and Europe, according to the tracking website downdetector.com.

Facebook has only just offered an explanation for the problems it has experienced over the past 24 hours.

The company hasn't elaborated on what the server configuration change exactly meant nor has it said how many users were affected or why the outage took so long to fix. In a tweet, Facebook just apologised and thanked people for their patience. It said it had "triggered a cascading series of issues" for its platforms, including WhatsApp and Instagram.

"Yesterday, as a result of a server configuration change, many people had trouble accessing our apps and services," a Facebook tweet said. "We've now resolved the issues and our systems are recovering. We're very sorry for the inconvenience and appreciate everyone's patience."

The outage was believed to be the worst ever for the internet giant that reaches an estimated 2.7 billion people with its core social network, Instagram and messaging applications. It took the social network giant a full day from when the problems began to offer any explanation. It added that everything was now back to normal.

The outage brought fresh attention to the embattled social networking leader. It is yet another publicity problem for a company already dealing with privacy issues and regulatory probes.

The disruption isn’t likely to hurt advertisers much since they usually pay for ads per click or impression. But they lose potential customers who might have seen their ads when the site and apps were down. Longer term, Facebook’s reputation with advertisers and investors could be damaged, said Wedbush Securities managing director Dan Ives. It didn’t help that it took Facebook so long to explain what was going on, he said. Facebook said on Wednesday that the problem was not related to a “distributed denial of service” or DDoS attack, a type of attack that hackers use to interrupt service to a site, but didn’t provide any other details until Thursday. “In these situations, a lack of transparency is not a good look,” Ives said. “The longer something like this lasts, the more questions there are.”

Whatsapp Asks Apple Users to Beware Of the Touch ID, Face ID Feature




A recently discovered bug in the Touch ID, Face ID feature rolled out on WhatsApp is progressively turning into a grave threat to the iPhone users as it enables anyone to effortlessly sidestep the authentication systems. The support for Touch ID or Face ID to unlock the application is accessible for WhatsApp version 2.19.20 and when enabled correctly, the application requires the user to utilize the Touch ID or Face ID each time they get to access the application.

The Android users are safe, since this specific feature isn't made available for them.

A Reddit user explained in a post with respect to how simple the bypassing of the system is and how nearly anybody can do it. The method fundamentally begins to work when the user gets the choice to unlock the application either immediately or after one moment, after 15 minutes or after an hour and he/she chooses some other option than "Immediately".

It doesn't work in the event that it is set to immediately and this can be changed when "Require Face ID" is enabled from WhatsApp Settings > Account > Privacy > Screen Lock. In the event that the user wishes to sidestep the Touch ID and Face ID feature on the iPhone, they will need to open the iOS Share Sheet on any application and pick WhatsApp.


In the interim, WhatsApp issues an announcement with respect to its awareness with the issue and said that, “We are aware of the issue and a fix will be available shortly. In the meantime, we recommend that people set the screen lock option to immediately,”



Whatsapp Declines to comply with the Government’s Demand



With general elections scheduled to be held one year from now in India, the Indian Government is taking a strict prospect of the utilization of various social media platforms like Facebook, Twitter, and WhatsApp for the spread of prevarication of information.

In the light of the same it had requested from WhatsApp for a solution for track the outset of messages on its platform.

The Facebook owned firm though declined to comply with the government's request saying that the move will undermine the protection and privacy of WhatsApp users.

Sources in the IT Ministry have said that the administration has declared that WhatsApp should keep on exploring the specialized technical advancements whereby if there should be an occurrence of mass circulation of offensive and detestable messages whipping up clashes and delinquency, the outset can be figured out easily.

The ministry is additionally looking for an all the more firm affirmation of the assent with Indian laws from the company, along with the foundation of grievance officer with a wide framework.

Accentuation has been given to the fact that a local corporate entity, subject to Indian laws, ought to be set up by the company in the outlined time period.


Prior this week the WhatsApp Head Chris Daniels got together with the IT Minister Ravi Shankar Prasad for tending issues similar to this one. After the gathering, Mr. Prasad said that the legislature has requested that WhatsApp set up a local corporate entity and uncover a technological solution in order to ascertain the outset of the  phony messages circled through its platform simultaneously commission  a grievance  officer.

 “People rely on WhatsApp for all kinds of sensitive conversations, including with their doctors, banks and families. Building traceability would undermine end-to-end encryption and the private nature of WhatsApp, creating potential for serious misuse,” the Facebook-owned firm said on Thursday.

“WhatsApp will not weaken the privacy protections we provide,” a company spokesperson stressed, adding, “Our focus remains working closely with others in India to educate people about misinformation and help keep people safe.”

A month ago, WhatsApp top administrators, including COO Matthew Idema, met IT Secretary and other Indian government authorities to summarize the several different advances being taken by the company on this issue.


WABetaInfo says WhatsApp in Israel now uses Facebook servers

A popular fan website, WABetaInfo, that tracks WhatsApp Beta updates, on Monday tweeted that WhatsApp users in Israel are now connected through Facebook servers.


This news comes amidst the Facebook privacy and data controversy when people online are wary of what using Facebook means for their privacy and security.

WABetaInfo, however, again tweeted to reassure users that the data is still encrypted and that Facebook will only be receiving the metadata.


The website also said that the new update will improve the quality of the connection.

Twitter user and information security researcher, Karine Nahon, however, pointed out that:


Another user said that encryption itself is not a problem, but the fact that dynamic metadata such as last seen, etc. should be deleted after some time.


Still, the website told its readers not to worry and to wait till May to understand what data is being stored in the servers.

WhatsApp has not yet confirmed or denied this update.

A new privacy law — the General Data Protection Regulation (GDPR) — passed by the European Union will come into effect from May 25 this year, which will harmonize internet privacy laws all across Europe.

WhatsApp had last month signed a public commitment with Britain's Information Commissioner's Office (ICO) to not share user’s data with Facebook until the privacy and data security concerns have been addressed.

Information Commissioner Elizabeth Denham in a statement said, "WhatsApp has assured us that no UK user data has ever been shared with Facebook, other than as a 'data processor.’ ”

A New App That Can Help You Spy On Your Contacts via Whatsapp


There is no doubt that WhatsApp is hands down the most used instant messaging service today and there's no messaging app that can match it in terms of users on-board.

But unfortunately, the app has called for a host of hacks that basically allows a person to spy on any of their friends or family via WhatsApp without them having any knowledge of it.

This new creepy app  "Chatwatch"  helps an individual to do  this is by making use of the online or offline status feature of WhatsApp's to tell users how often their friends check the app and also estimates as to when they go to bed every day -- potentially making it an invasive app.

"Find out when they went to bed, how long they slept… Even compare chat patterns between people you know, and we will tell you the probability of them talking to each other during the day, using Artificial Intelligence," Chatwatch notes on its website.

Now what’s more distressing is that all this comes at a time when Facebook users are busy uninstalling apps they got connected with long ago via "Facebook log-in" after the social media platform, which also owns WhatsApp, was hit by a major data breach.

It's a creepy new trick that the app's developers hope will bring more attention to how Facebook handles our data, along with how other companies access and analyse it," tech website LifeHacker reported. "It's also likely that WhatsApp will find a way to block Chatwatch soon. So if you want to spy on your friends expose Facebook's privacy issues, you should try it soon," it added.

Chatwatch generally requires 24 hours before it can generate certain insights but even if you’ve disabled the ‘Last Seen’ feature in your account settings, it’ll still be able to figure out your WhatsApp activity quiet easily.

"Chatwatch" is currently available on Android platform and the developers are reportedly working on a web-based version as well. The app was first launched on iOS devices but it was later taken off from the Apple App Store. For reasons unknown to the website, it further adds that Apple has suspended their app from the app store, but they are working on a web version to launch as soon as possible, and appealing the decision with Apple.



CBI busts child pornography racket internationally operating on WhatsApp

The Central Bureau of Investigation (CBI) on Thursday busted an internationally operating WhatsApp-based child pornography racket, which had 199 members from all over the world.

According to CBI, the racket was being operated from Delhi, Noida, and Uttar Pradesh.

The main WhatsApp group admin and kingpin, Nikhil Verma (20), has been arrested and the police have searched the premises of Verma and four other suspects — Satyendra Chauhan, Nafis Raza, Zahid, and Adarsh — in Delhi, Uttar Pradesh, and Maharashtra.

CBI is investigating whether the videos uploaded on the group were recorded by the admins or were sourced from elsewhere, and whether they were charging money for sharing the clips.

The group (called “KidsXXX”) had 199 members and included nationals from India and various other countries including US, Pakistan, Brazil, Afghanistan, Sri Lanka, Kenya, Nigeria, Mexico, and New Zealand.

After receiving intelligence of the group, CBI tracked the IP addresses of the admins and kept a watch for sometime before carrying out the raids.

CBI has registered a case against the admins and members of the group under section 67-B of the IT Act and law enforcement of other countries involved have also been contacted. Identities of the victims are yet to be confirmed.

Police have seized laptops and hardware of the administrators where child pornographic content was found.

Lebanon Spyware Uncovered, Steals Data through Fake Messaging Apps

Researchers from non-profit campaign group Electronic Frontier Foundation (EFF) and mobile security group Lookout have together uncovered malware that targets individuals such as military personnel, journalists, lawyers, and activists, using fake apps that look like popular messaging apps like WhatsApp and Signal.

The malware, dubbed “Dark Caracal” by the researchers, targets known Android weaknesses and iOS has not been affected by it.

According to their report on Dark Caracal, the malware was traced back to a server in a Lebanese government building — a building belonging to the Lebanese General Security Directorate in Beirut, Lebanon — and seems like the threat could be coming from a nation-state.

“We have identified hundreds of gigabytes of data exfiltrated from thousands of victims, spanning 21+ countries in North America, Europe, the Middle East, and Asia,” the report read.

“This is a very large, global campaign, focused on mobile devices. Mobile is the future of spying because phones are full of so much data about a person’s day-to-day life,” said EFF Director of Cybersecurity Eva Galperin.

Data stolen through the spyware includes documents, call records, audio recordings, secure messaging client content, contact information, text messages, photos, and account data.

According to EFF, WhatsApp or Signal have not been compromised, and Google has confirmed that the infected apps were not downloaded from its Play Store. Instead, the attackers use “spearphishing” to get these fake apps on targets’ phones, which is a phishing attack that specifically targets an individual using information the attacker has on the victim.

“All Dark Caracal needed was application permissions that users themselves granted when they downloaded the apps, not realizing that they contained malware,” said EFF Staff Technologist Cooper Quintin.

Dark Caracal has reportedly been operating since 2012 but has been unable to track down because of the number of similar attacks happening all over the world that have repeatedly been misattributed to other cybercrime groups.

This research has shed light on how governments and people are able to spy on individuals all over the world.



Skygofree Malware: One of Most Advanced Spyware Ever Seen

Russian cybersecurity lab, Kaspersky, has found out a new advanced Android spyware having “never before seen” features that lets hackers carry out advanced surveillance on Android phones, such as location-based audio recording, WhatsApp message theft, and connecting an infected device to Wi-Fi networks controlled by cybercriminals.

The malware, dubbed as “Skygofree,” was reportedly found on malicious websites in Italy. According to Kaspersky, the malware is most likely an offensive security product sold by an Italy-based IT company that markets various surveillance wares.

More information including, Skygofree's commands, indicators of compromise, domain addresses, and device models targeted, can be found in their blog post on Securelist.

The spyware functions by tricking the “Accessibility” feature present in Android to help users with disabilities access their apps. Using this, the spyware can read the messages displayed on the screen, even those sent by the user.

Skygofree is also capable of taking pictures and video, recording audio and noise according to the location specified by the hacker, record Skype conversations, seizing call records, geolocation data, and other sensitive data.

Kaspersky believes that, just like an earlier hack in 2015 by Hacking Team, an Italy-based spyware developer, Skygofree was also developed by Italians.

Skygofree has allegedly been active since 2014 and has been targeting select individuals, who are all from Italy. The spyware has been undergoing regular development since then and as many as 48 commands were found in the latest version.

France’s data protection authority CNIL gives a sharp warning to WhatsApp ;issues a formal notice

Facebook, when it acquired WhatsApp back in early 2014 said that it won't have the capacity to link the WhatsApp users to their Facebook accounts. In any case, things being what they are, turns out it wasn't so difficult after all. A year ago, the organization changed the WhatsApp terms of services to do just that: link the WhatsApp and Facebook profiles belonging to the same user.

Facebook had allowed many of its users to opt out, yet that wasn't sufficient for the regulators. Germany had even requested Facebook to quit gathering WhatsApp data last September, a similar thing happened in the UK several months later and now fast forward to December 2017; there be yet another European nation issuing similar order.

Facebook's messaging service WhatsApp was given a one-month final proposal by one of Europe's strictest privacy watchdogs, which requested it to quit offering user data to its parent without getting the necessary assent. France's information insurance specialist also known as the data protection authority, CNIL gave quite a cautioning to WhatsApp by issuing a formal notice, scrutinizing it for "inadequate and insufficient" participation and cooperation.

The decision comes a year later after the European Union privacy authorities (security specialists) said that they had "genuine concerns" about the sharing of WhatsApp user data for purposes that were excluded in the terms of conditions and the privacy policy when people had signed up to the service.
However, even after the EU slapped Facebook with a €110 million fine over unlawful WhatsApp information sharing, France says that it has still not collaborated with information security expert CNIL, and could confront another sanction if it doesn't start thinking responsibly inside 30 days. The social network is as yet exchanging Whatsapp information for "business intelligence," it claims, and the only possible way that clients can quit is by uninstalling the application.

It was a French regulator, who saw that WhatsApp was sharing user information like phone numbers to Facebook for "business insight" reasons. When it over and over made a request to take a look at the information being shared, Facebook said that it is put away in the US, and "it considers that it is only subject to the legislation of the country," as per the CNIL. The regulator countered that whenever information is assembled in France, it naturally turns into the authority in charge.

The information exchanges from WhatsApp to Facebook occur to some extent without the users' assent, nor the legitimate interest of WhatsApp, CNIL said.

France says that while the notice was issued to Facebook, it's additionally intended to exhort users that this "gigantic information exchange from WhatsApp to Facebook" was occurring. "The best way to deny the information exchange for 'business insight' purposes is to uninstall the application," it adds. In any case, Facebook guarantees that it will keep on working with the CNIL to ensure that the users comprehend what data it gathers as well as how the data is utilized.

The merging of WhatsApp's data with Facebook was the first step taken by Facebook a year ago towards monetising the stage since the social network's CEO Mark Zuckerberg bought the company for about $22bn in 2014.

WhatsApp for Business: Standalone App Set for Release

It seems like WhatsApp is finally ready to launch its new standalone app for businesses to interact separately on their platform. In an FAQ on its website, it detailed how WhatsApp for Business is going to work and its features. 

The interface of the app remains the same, but the features afforded to businesses differ from the original messaging app. 

To communicate with customers using this new messaging app, businesses will first have to register using their business number, separate from their normal WhatsApp messenger number. Once they are registered, they will have a ‘business account’ which will be marked by a gray question mark symbol beside their name showing that the business has neither been confirmed or verified by WhatsApp.

Once a business confirms their business number, they become a ‘confirmed account’ and a gray tick appears next to their name. A green check-mark means it is a ‘verified account’ used by a business that is authentic and verified by WhatsApp. 

The new app is already live in Play Store but is yet to be released to general public. 

Back in September, WhatsApp announced that it was experimenting and beta-testing ‘WhatsApp Business’ with few pilot-testers. Users may remember communicating with brands like BookMyShow, MakeMyTrip, or Goibibo using the messaging app.


Kshitija Agrawal