Are Your WhatsApp Encrypted Group Chats Exposed To Strangers?


An attacker would have to take control of WhatsApp servers which means a sophisticated hacker, a WhatsApp staffer or a government with legal authority could gain access, even though end-to-end encryption is supposed to protect users from even these sorts of attacks.

It's not a problem that will impact most users, but chat apps like Signal and WhatsApp have been used for private conversations from everyone ranging from politicians to government dissenters.

The researchers from Ruhr University Bochum in Germany announced this big news at the "Real World Crypto Security Conference" which was held in Zurich, Switzerland, on January 10. But there is no a secret way into WhatsApp groups chats.

Once the new person is added to the group, the phone of each member of the group chat automatically shares secret keys with that person, giving them full access to all future encrypted messages sent in the chat.

He said that there are multiple ways to verify group chat members, adding that users are notified of anyone new joining, including those without permission.

Detroit Auto Show: Ford enters performance SUV segment with Edge ST
Coinciding with the 2019 facelift for the US Ford Edge , Ford is introducing a performance ST variant for the first time. Standard on all Edge models is FordPass Connect, with a Wi-Fi hotspot that gives internet access to up to 10 devices.

"We've looked at this issue carefully", a WhatsApp spokesman said in a statement.

While the exploits in Threema and Signal seemed to be relatively harmless, WhatsApp had far more significant gaps in security.

Despite WhatsApp's secure end-to-end encryption for messages, German researchers have found a loophole that could allow hackers to worm their way into WhatsApp's group chats.

The report says a WhatsApp spokesperson confirmed the findings but added that no one can "secretly" add members to a group. Whatsapp was a different story, which you can read in the paper they published on the topic.

In May 2016, Facebook-owned-WhatsApp had introduced the end-to-end encryption for its users across the globe.

Magnitude 7.6 natural disaster strikes off Honduras coast
News media of the region report that the Center of Tsunami Alerts of the Pacific activated the alert for tidal waves in the zone. Despite the strength of th quake , only minor damage has been reported so far, particularly in Honduras.

"The confidentiality of the group is broken as soon as the uninvited member can obtain all the new messages and read them".

The flaw - detailed in a paper - shows how it is possible to add a participant into a conversation without the permission of the person in control of the group. While the company, which is owned by Facebook, acknowledges the issue of server security, the spokesperson pushed back on the idea that attackers could block, cache or otherwise prevent the alert that new members have been added. But, as the researchers found, anyone in control of the server can spoof the authentication process, essentially granting themselves the privileges necessary to add new members who can snoop on private conversations.

Facebook's Chief Security Officer Alex Stamos in a Twitter thread said that it was impossible for anyone to infiltrate WhatsApp's private groups. End-to-end security protection doesn't mean almost as much when someone at the company can simply drop a new person into a private chat anytime they want.

In January previous year, the Guardian newspaper reported that WhatsApp was vulnerable to interception, sparking concern over the app that marketed itself as a privacy leader.

Anthony Weiner And Huma Abedin Will Settle Divorce Out Of Court
One of the scandalous pictures was of Weiner lying in his clothing by his child, wearing an undeniable erection. Her original filing in May 2017 labeled the case as "contested", implying there was a dispute.