When WhatsApp introduced the end-to-end encryption to its conversations, it literally raised the privacy of the people across the world. The Facebook owned app also says that even the group chats are encrypted in it. However, a team of cryptographers from Germany found flaws in WhatsApp that will make the infiltration into WhatsApp group chats much easier.
A group of researchers from Ruhr University Bochum are working on to showcase a set of flaws in apps like Threema, Signal and WhatsApp at the Real World Crypto security conference in Zurich. The team is of the opinion that their findings will compromise the security claims of each of these companies.
While the flaws found in the Threema and Signal are moderate, the security gaps discovered in the WhatsApp pose a high security risk. According to the researchers, anyone who is controlling the servers of WhatsApp can easily add new members to any private group of the app without waiting for the permission from the administrator.
Paul Rosler, one of the researchers said,
“The confidentiality of the group is broken as soon as the uninvited member can obtain all the new messages and read them. If I hear there’s end-to-end encryption for both groups and two-party communications, that means adding of new members should be protected against. And if not, the value of encryption is very little.”
For an app like WhatsApp which relies heavily on its end-to-end encryption, this discovery is really surprising as the end-to-end doesn’t expect any intervention even from the servers. But, the researchers have also said that the company could easily fix this bug by adding an authentication mechanism for new group invitations.
Which is your favorite messaging app? Share us your answer in the comments section below.
For more similar latest updates, stay tuned with our NEWS section.