Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

Connectivity

WhatsApp’s Small Security Flaw Is the Price of Convenience

Reports of a backdoor in the messaging app overlook the fact that building software used by 1 billion people can require compromise.

Last year, WhatsApp switched on end-to-end encryption for all of its users. Now a report suggests that the approach is flawed—but the company argues that the vulnerability is an unavoidable trade-off in making the service user-friendly.

According to a new report by the Guardian, WhatsApp has a flaw that could, in theory, allow the company to read messages that users assume are safe from prying eyes. Tobias Boelter, a security researcher at the University of California, Berkeley, tells the newspaper that WhatsApp can force a device to generate a new encryption key when a user is offline. Then, if someone is sending a message to that device while it’s offline, the sender will be made to re-encrypt the messages and resend them.

Those messages could, says Boelter, be read by WhatsApp. And, presumably, by anyone who demanded the company turn them over, too.

WhatsApp knows this is the case, and it is unapologetic about it. It has a compelling argument: convenience. Whenever you swap SIMs, use a new phone, or for any other reason end up using WhatsApp afresh, the system creates a new set of keys to ensure your conversations remain secure. Any messages sent to you in the meantime would be lined up on the sender’s phone waiting for your return to the service. So WhatsApp tells the sender’s device to re-encrypt them using a new key before sending them. The idea: nobody has to miss a message.

WhatsApp defended itself in a statement issued in response to the Guardian report:

As we introduce features like end-to-end encryption, we focus on keeping the product simple and take into consideration how it's used every day around the world … [In] many parts of the world, people frequently change devices and SIM cards. In these situations, we want to make sure people's messages are delivered, not lost in transit.

To be sure, this does introduce a security risk. Fredric Jacobs, a security expert who worked at Open Whisper Systems, the company which developed the encryption system used by WhatsApp, explained to Gizmodo:

Say that I am sending to you, and your phone is offline because your [battery] is flat, or you have no coverage, or something. Some messages ‘back up’ on my phone, waiting to talk to yours. The proposition is that this condition: backed up messages, combined with someone colluding with Facebook, WhatsApp to ‘fake’ the ‘person has a new phone’ condition, can lead to the backed-up messages being re-encrypted and sent to the new, fake or colluded phone.

But in reality that's hard to pull off, and it’s unlikely that the company is using the trick to spy on your messages. For its part, WhatsApp has flat-out denied to the BBC the idea that it’s a backdoor designed to help law enforcement agencies. "This claim is false," it said. "WhatsApp does not give governments a 'backdoor' into its systems and would fight any government request to create a backdoor."

All that said, it is theoretically possible to build a backdoor in the app, because the man-in-the-middle nature of WhatsApp means that it could, if it so desired, include a special extra encryption key that effectively added a third party, like the FBI, to your conversation. Our own Tom Simonite outlined how something like this could happen last year.

It’s also worth remembering that the terms of service of WhatsApp don’t prohibit it from storing metadata about your messaging. So while it might not be able to read what you send (most of the time), it does know who you’re messaging, when, and how frequently.

If you’re deeply troubled by the merest whiff of WhatsApp being able to read your messages, you can turn on a notification system in the app that alerts you when somebody is updating their encryptions keys. That way, you can choose to refrain from sending messages that get backed up and could, theoretically, be read by WhatsApp. Or, you embrace the convenience of its service and tolerate the small risk.

(Read more: The Guardian, Gizmodo, “How Cops Could Wiretap Encrypted iMessage and WhatsApp Chats,” “Apple and WhatsApp’s Encryption Is a Stimulus Package for the Phone Hacking Industry”)

Tech Obsessive?
Become an Insider to get the story behind the story — and before anyone else.

Subscribe today

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

More from Connectivity

What it means to be constantly connected with each other and vast sources of information.

Want more award-winning journalism? Subscribe to Insider Basic.
  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning magazine and daily delivery of The Download, our newsletter of what’s important in technology and innovation.

    See details+

    What's Included

    Bimonthly magazine delivery and unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.