List of WhatsApp Security Issues in 2017
August 1, 2017
WhatsApp is one of the most popular messaging applications with worldwide acceptance, and it is adding more than a billion users each month.
Reports say that the volume of messages exchanged between these users crosses 30 billion every single day. These are mind-boggling figures for any service rendering organization, and in this era of heightened cybersecurity concerns, the users of this popular messaging app are also vulnerable to such attacks.
Indeed, security issues in WhatsApp have been brought out from time to time by experts and analysts with demonstrable steps on how it is done or can be executed. To be fair to the Facebook-managed organization, WhatsApp has responded and fixed some of these issues. But is the threat completely gone?
One way to find that out is by regularly reading sites like Security Zap, which lays out all the different methods average consumers can adopt to protect themselves from cyber attacks.
Below is a summary of this year’s most highlighted security issues related to WhatsApp.
Encryption Has Not Fully Solved Security Issues
The fact that there is end-to-end encryption of every message sent on the WhatsApp messenger should have squarely addressed the issue of security. As long as the message gets delivered to the intended recipient and cannot be decrypted in between, there should be no issue at all.
However, analysts point out that during the process of transmitting a message between two devices, the backup directory that is retained on these phones’ cloud platforms could be a major source of concern.
Typically, Android phones choose Google Drive and iPhone users the iCloud for this process. Since the messages reside within these places in decrypted form, this is one weakness in the whole communication system.
Web Version More Vulnerable
Some commentators believe that the introduction of WhatsApp Web has made the messaging app more vulnerable to cyber attacks. One direct consequence is that cyber criminals can plant malware by camouflaging the real app and downloading a fake one in its place.
In no time, your PC or laptop could become compromised, and you would have to seek professional help to restore normalcy.
There have been instances where these fake apps clog WhatsApp inboxes with spam messages. This is a security issue that anyone who uses WhatsApp Web regularly should be concerned about.
Facebook Intrusion & Data Sharing
The much-reported buyout of WhatsApp by Facebook has added a certain amount of circumspection to the overall security environment, particularly related to sharing data between the two applications.
Those dedicated to the cause of privacy and data security are quick to point out that Facebook has gone back on its word to keep the data in these two apps separate. In August 2016, WhatsApp changed its policy and allowed the sharing of data to the company.
Again, the assurance was that such data from WhatsApp residing on Facebook would not be shared in public. It was expected to be buried deep with no easy access. But users instead found that their information was being made public on its own.
It has since been clarified that users can configure privacy functions, by going to the settings and manually choosing the option to hide data from public viewing.
This issue hasn’t ended though. Facebook and WhatsApp may be heading for a legal battle in Europe over the situation in the coming months.
The WhatsApp Vs. Telegram Debate
There has been a lot of heated debate over which messaging app is better. Should WhatsApp subscribers keep using the app or should they look for other alternatives?
Some suggest that Telegram would be a better app, at least from the security point of view. But others point out some weaknesses in the security systems found on Telegram as well, based on some independent research to test the safety of both Telegram and WhatsApp.
But it may not be feasible for such opinion-makers to divert one billion users from one app to another so easily. Instead of debating this app or another, the ideal situation would be if the companies running the respective apps continue to evaluate the security levels of their products and upgrade them periodically as needed.
The ultimate objective should be that ordinary users should not feel threatened about their privacy, and their data should receive maximum protection from these apps.