WhatsApp claims to be secure and the messages to be heavy encrypted, however, a report by The Guardian, claims otherwise.
The report shares that there is a loophole which allows Facebook, and possibly other companies to intercept and read your Whatsapp messages.
The Loophole
According to Pro Pakistani, WhatsApp’s end-to-end encryption code is completely reliable on unique security keys which are generated by “Signal protocol”, developed by Open Whisper Systems in real time.
While communication, these security keys to make sure that such communication isn’t intercepted while it’s travelling on the network. However, according to this new research, WhatsApp can force-generate new encryption keys for offline users.
Changes made to the encryption keys makes the sender re-encrypt messages with new keys. At times, it sends those messages which were not delivered. The recipient is not aware of this change in encryption, while the sender is only notified if they have opted-in to encryption warnings in settings, and only after the messages have been re-sent.
This essentially means that Whatsapp has a control over encryption keys, and if it’s forced by government or in-house policies, it could read user messages or even worse let anyone read them.
WhatsApp, in response to the report, said that it does not give governments a ‘backdoor’ into its systems and would fight any government request to create a backdoor.
