Security is one of the main pillars of communication. To be able to speak with the assurance that no one we do not want is reading our messages, it seems that it would not be possible in WhatsApp at least in relation to group conversations. We explain to you.
WhatsApp groups are vulnerable, although not everyone can sneak into them
As told in Wired at the conference of the Real World Crypto in Zurich, Switzerland, a team of researchers from the German Ruhr University tried to test the security of three Signal, Threema and WhatsApp applications.
All three have certain security issues, though those of Signal and Threema do not seem very dangerous. Whatsapp; instead; seems to have serious security problems . Of course, the German research team has stated that anyone who can sneak into WhatsApp servers can self-invite themselves to any user group.
WhatsApp, by default, encrypts all conversations under an encryption type known as end-to-end . This encryption ensures that even if our messages pass through a server, only the sender and recipient of the message can read it.
Confirmed: can not join WhatsApp groups without your consent
For the Spanish Agency for Data Protection, it is illegal for a company or institution to include you in WhatsApp groups without asking for your permission.
For groups, we guarantee that only users in a group can read your messages. This premise is canceled at the moment anyone can invite the group they want without any kind of problem.
Despite the seriousness of the problem, we should keep in mind that this vulnerability can only be exploited by someone who has server control . Company personnel, hackers with great skill and can be agents of governments. After all, this is just another back door.
To join a group, you need to join WhatsApp servers.
According to WhatsApp, we are safe
In Wired contacted by telephone with a Whatsapp spokesperson, who confirmed that the security hole exists but that, in case someone can run into their servers and inviting a group, all users would receive notification that a new user was invited to the group, so that all users would be mindful of the attack.
The spokesman also added that in case they solve the problem, they would have to end the tool to invite groups through a link, which was highlighted as "very popular."