14.01.2017 Verschlüsselungslücke in WhatsApp?

WhatsApp vulnerability allows snooping on encrypted messages

A security vulnerability that can be used to allow Facebook and others to intercept and read encrypted messages has been found within its WhatsApp messaging service.

Facebook claims that no one can intercept WhatsApp messages, not even the company and its staff. Privacy campaigners said the vulnerability is a “huge threat to freedom of speech” and warned it could be used by government agencies as a backdoor to snoop on users who believe their messages to be secure.

WhatsApp’s end-to-end encryption relies on the generation of unique security keys, using the acclaimed Signal protocol, developed by Open Whisper Systems, that are traded and verified between users to guarantee communications are secure and cannot be intercepted by a middleman.

However, WhatsApp has the ability to force the generation of new encryption keys for offline users, unbeknown to the sender and recipient of the messages, and to make the sender re-encrypt messages with new keys and send them again for any messages that have not been marked as delivered.

The recipient is not made aware of this change in encryption.

Read more https://www.theguardian.com/technology/2017/jan/13/whatsapp-backdoor-allows-snooping-on-encrypted-messages
and https://www.infosecurity-magazine.com/news/whatsapp-backdoor-overblown

All articles about

 


Kommentar: RE: 20170114 Verschlüsselungslücke in WhatsApp?

Boelter reported the vulnerability to Facebook in April 2016, but was told that Facebook was aware of the issue, that it was “expected behaviour” and wasn’t being actively worked on.

T., 14.01.2017 14:45



Category[21]: Unsere Themen in der Presse Short-Link to this page: a-fsa.de/e/2JB
Link to this page: https://www.aktion-freiheitstattangst.org/de/articles/5880-20170114-verschluesselungsluecke-in-whatsapp.htm
Link with Tor: http://a6pdp5vmmw4zm5tifrc3qo2pyz7mvnk4zzimpesnckvzinubzmioddad.onion/de/articles/5880-20170114-verschluesselungsluecke-in-whatsapp.htm
Tags: #Facebook #Cyber-Mobbing #sozialeNetzwerke #Verschluesselung #Lauschangriff #Ueberwachung #Datenpanne #WhatsApp #Zweitschluessel #Luecke #Zensur #Informationsfreiheit #Anonymisierung #Meinungsmonopol #Meinungsfreiheit
Created: 2017-01-14 08:50:33


Kommentar abgeben

For further confidential communication, we recommend that you include a reference to a secure messenger, such as Session, Bitmessage, or similar, below the comment text.
To prevent the use of this form by spam robots, please enter the portrayed character set in the left picture below into the right field.

We in the Web2.0


Diaspora Mastodon Twitter Youtube Tumblr Flickr FsA Wikipedia Facebook Bitmessage FsA Song


Impressum  Privacy  Sitemap