WhatsApp update will close vulnerability that leaves messages unencrypted on iOS and Android

WhatsApp update will close vulnerability that leaves messages unencrypted on iOS and Android
Apple iPhone users that rely on WhatsApp's end-to-end encryption might not realize that there is an opening that could allow a hacker to read their messages. According to the WhatsApp FAQ page, WhatsApp messages that are backed up in iCloud are not protected by the app's end-to-end encryption. However, an update is coming to shut this vulnerability. Forbes reports that a WhatsApp iOS beta includes a change that "enables the encryption of chat histories hosted on iCloud, including media" through the settings on the WhatsApp app.

If WhatsApp decides to go ahead and include the feature in an upcoming update to its public iOS app, authorities, hackers, and even Apple will be shut out from reading your unencrypted text messages. Essentially, the update would extend the end-to-end encryption available from WhatsApp to messages being stored in iCloud. And at the same time, WhatsApp is working on the same protection for its chat backups on Android.

Just as WhatsApp chats backed up in iCloud aren't covered by end-to-end encryption, neither are the chats that Android users back up on Google Drive. The new feature could be available on the WhatsApp beta for Android version 2.20.73 and is called "Protect Backup," which pretty much is self-explanatory. Until it becomes part of WhatsApp for Android and iOS, just keep in mind that despite the end-to-end encryption found on the app, if you backup your chats to iCloud or Drive, you are leaving them vulnerable to being read. There isn't any evidence that this has been exploited, but it is something that every WhatsApp user should be aware of.

It appears that WhatsApp's iOS users are more excited by the coming addition of support for QR codes. This is a feature that will allow users to create personal QR codes to help others find them. QR code support will also be available for Android totin' WhatsApp users soon.


Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.
FCC OKs Cingular's purchase of AT&T Wireless