Search This Blog

Showing posts with label Message encryption. Show all posts

WhatsApp, Telegram Data Stored on Phones is Vulnerable to Cyber Attacks



The data saved by users onto their devices through social messaging apps, Whatsapp and Telegram is vulnerable to cyber attacks and can be exploited by malware with access to external storage, as per the security researchers at Symantec.

End-to-end encryption prevents user data from being read or secretly modified, it led users into believing that their communication is highly secured and their conversations are protected against being accessed by third-party apps. However, the findings at Symantec have made users reconsider the whole idea of data protection via encryption.

The media exchanged on WhatsApp and Telegram gets stored in either of the two storages, external or internal. Now, if the data is stored in the victim's external storage and the malware enters his mobile device, it is configured to gain easy access to these saved files and exploit it subsequently. Moreover, the malware can acquire access to this data even prior to the users, according to The Verge.

After examining the issue, WhatsApp released statements telling that the corresponding updates are under progress with Android's ongoing development.

Referencing from the statements given by a WhatsApp spokesperson, “WhatsApp has looked closely at this issue and it’s similar to previous questions about mobile device storage impacting the app ecosystem. WhatsApp follows current best practices provided by operating systems for media storage and looks forward to providing updates in line with Android’s ongoing development,”

"WhatsApp follows guidelines from Android including: 'You should use external storage for user data that should be accessible to other apps and saved even if the user uninstalls your app, such as captured photos or downloaded files.' We store files in the same manner as other messaging apps (like Viber), email (like Gmail), and file storage apps (like Dropbox)," he added.

Commenting on the upcoming Android update, he informed, "The suggested changes here could both create privacy complications for our users and limit how photos and files could be shared."

Indian Government asks WhatsApp to fingerprint messages









The government of India has asked the instant messaging app WhatsApp to digitally fingerprint every message which is sent on its platform, to ensure traceability of all content. 

According to two senior government officials, WhatsApp should keep a track off a message, from where it originated, how many people read it and how many forwarded it. 

“Fingerprinting WhatsApp messages will help find the originator of the message. That is all we want,” the official said.

“We don’t want to read the messages but when we see a problematic message we should be able to go to WhatsApp to help us trace the sender,” the official further added. “They have to find a way, it is technically possible.”

After several public unrests over message forward, in December last year, the government of India has amended the Information Technology Act, which made traceability of messages compulsory for all internet platforms. 

"It is not acceptable that no one can trace any message. Somebody should be able to trace some messages sometimes. We have reached the limit of anonymity on the internet and that has to go," said official. 

However, WhatsApp declined to comment on the development.