WhatsApp and the Myth Behind End to End Encryption
Since the emergence of cellular technology, text messaging has outshined and made its own way. Messaging apps like iMessage, WhatsApp, Signal, etc gained popularity due to the promise of privacy.
With more than 1.5 billion users globally, WhatsApp is the most widely used messaging app that offers end-to-end encryption.
But what is end-to-end encryption in WhatsApp?
Answer to this is very simple! End-to-end encryption in WhatsApp means only the receiver can read what’s sent. This means nobody in between not even WhatsApp, app creator can read your conversation. But do you know, WhatsApp does collect users meta data like the name of the sender and receiver.
This says a lot about end-to-end encryption and how often it is misunderstood.
WhatsApp the popular messaging app, was a target to spyware attack designed by NSO Group (Israeli private security company) this week. Surprised at how even a major tech mogul such as WhatsApp be attacked?
Although, the attack did not breach WhatsApp’s encryption, but it did tell how spyware can be used by hackers to manipulate safe services.
What does the spyware do?
The spyware, used to attack WhatsApp gives hackers the ability to fully access a phone remotely, allowing them to read conversations, view contacts and use camera.
Users using WhatsApp’s Android version before 2.19.134, and WhatsApp Business for Android before version 2.19.44, are susceptible to the spyware attack. iOS users using, WhatsApp versions before 2.19.51 and WhatsApp Business versions before 2.19.51 are susceptible to the spyware attack. WhatsApp for Windows Phone older than version 2.18.348 are as well susceptible to the spyware attack.
To stay protected from this attack company suggests users to update WhatsApp.
How to update WhatsApp on Android and iOS
Steps to update WhatsApp on Android
To avoid being a victim to online attacks updating apps is recommended. To update WhatsApp on Android, follow the steps below:
1. Open Play Store
2. Tap three horizontal lines on the left > My apps & games
3. Here, look for WhatsApp messenger and tap on Update.
If WhatsApp has been recently updated, it will show a button that reads Open.
This will update WhatsApp messenger to the latest version 2.19.134.
Steps to update WhatsApp messenger on iPhone/iOS
1. Open App Store
2. Now go to the bottom of the screen and tap on Updates
3. To update WhatsApp messenger, tap UPDATE next to WhatsApp Messenger.
If you do not see UPDATE, it means the app has been updated. Check the version it should be 2.19.51
This way you can update WhatsApp.
In addition to this, there are certain things that you need to know about End-to-End encryption apps.
1. Backups taken by encrypted messaging apps on cloud aren’t often encrypted:
This is a very important thing that you should remember. Most end-to-end encryption apps do not encrypt backups stored on cloud. This means a legal agency or government can demand to share the messages stored on cloud. So, if you are concerned about data security avoid backing up messages on cloud.
2. Be cautious of desktop apps:
For user’s convenience most, encrypted messaging apps offer their services on various platforms, devices and operating systems. Most of them even provide desktop versions. But over the past few years it has been found that desktop apps are most vulnerable. Therefore, if you are using desktop version of any of the messaging apps, update it and restart the app along with computer restart.
3. Set message expiry:
Encryption isn’t magic, you need to be attentive and aware. End-to-end encrypted messages mean no one can access your conversations by hacking the network. But if your phone is lost or someone can access it than your messages are no longer private. Therefore, to stay secure you should consider settings expiry timer if your messaging service offers that feature.
4. Keep your apps updated:
Last but not the least, the best way to stay secure while using a messaging app is to keep both desktop and mobile version updated. Security bugs are found often but it is not necessary that we hear about them, therefore the best way to stay secure is to keep apps updated and get all the bug fixes downloaded.
Now that we know, WhatsApp was attacked, how to stay protected while using end-to-end encryption apps. It’s time to know about certain things like how the attack took place, how security flaw was used and other things.
How was the security flaw used?
To target WhatsApp, attackers used WhatsApp’s voice calling function and ring target’s device. Even without the victim picking the call, surveillance software could be installed allowing hacker to read messages, call log and access other data.
How many people were targeted?
WhatsApp says it is too early to say how many people were targeted. But it is certain that the attack was highly target specific. There are speculations that to build relations with Gulf, Israeli government allowed NSO Group to sell the software to Gulf states.
What makes these rumours to spread?
Well, it cannot be a fluke that among those apparently targeted by the WhatsApp hacking software were a Saudi dissident and a Qatari citizen, lawyers investigating human rights abuses in Gulf states.
This disclosure raises questions about the reach of the Israeli company’s powerful spyware, that can takeover smartphones, control cameras and turn them into surveillance devices.
If you too are worried about spyware attack, update WhatsApp messenger following the steps provided above.