In a lot of people's minds, Facebook is this huge cyber villain that gathers data on everyone and keeps tabs, not unlike Orwell's Big Brother. And after coming across some information in The Guardian, we can't really blame them.
WhatsApp's end-to-end encryption relies on the generation of unique security keys through the use of the Signal protocol. That's the same system that's used by the Signal messaging app that Edward Snowden vouched for. There's one key difference in WhatsApp's implementation, though.
Tobias Boelter found the WhatsApp backdoor.
Tobias Boelter found the WhatsApp backdoor.
WhatsApp has the ability to force the generation of new encryption keys for offline users, without the knowledge of neither the sender, nor the recipient. It can then make the sender re-encrypt the messages with the new keys and send them again if they were not marked as delivered prior to that. The recipient is not notified about the new encryption keys, and the sender is only prompted if they have specifically opted-in to encryption warnings in the settings, and only after the message has been successfully sent. This means that, by the time the sender is notified of the change, a third party could have received the new messages already.
The vulnerability was discovered by Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley. “If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys,” he said for the Guardian. Boelter contacted Facebook about the backdoor back in April 2016, but he was told by the company that this is actually “expected behavior” and it isn't being actively worked on.
Boelter's finding were confirmed by Steffen Tor Jensen, head of information security and digital counter-surveillance at the European-Bahraini Organisation for Human Rights. He said for The Guardian:
WhatsApp can effectively continue flipping the security keys when devices are offine and re-sending the message, without letting users know of the change till after it has been made, providing an extremely insecure platform.
But what we've said so far, you could assume that this exploit could be used to spy only on single messages, and not entire conversations. However, Boelter thinks otherwise. “This is not true if you consider that the WhatsApp server can just forward messages without sending the 'message was received by recipient' notification (or the double tick), which users might not notice,” he said. “Using the retransmission vulnerability, the WhatsApp server can then later get a transcript of the whole conversation, not just a single message.”
"A gold mine for security agencies"
Other cyber-security experts also commented the issue for The Guaridan. Professor Kirstie Ball, co-director and founder of the Centre for Research into Information, Surveillance and Privacy, called the backdoor “a gold mine for security agencies” and “a huge betrayal of user trust.” She believes that users should be concerned about it, and said: “Consumers will say, I've got nothing to hide, but you don't know what information is looked for and what connections are being made.”
Jim Killock, executive director of Open Rights Group, said: “If companies claim to offer end-to-end encryption, they should come clean if it is found to be compromised – whether through deliberately installed backdoors or security flaws. In the UK, the Investigatory Powers Act means that the technical capability notices could be used to compel companies to introduce flaws – which could leave people's data vulnerable.”
The Guardian reached out to WhatsApp, and the response it got sounds more like something a sales pitch, than anything else.
Over 1 billion people use WhatsApp today because it is simple, fast, reliable and secure. At WhatsApp, we've always believed that people's conversations should be secure and private. Last year, we gave all our users a better level of security by making every message, photo, video, file and call end-to-end encrypted by default. As we introduce features like end-to-end encryption, we focus on keeping the product simple and take into consideration how it's used ever day around the world.
In WhatsApp's implementation of the Signal protocol, we have a “Show Security Notifications” setting (option under Settings > Account > Security) that notifies you when a contact's security code has changed. We know the most common reasons this happens are becase someone has switched phones or reinstalled WhatsApp. This is because in many parts of the world, people frequently change devices and Sim cards. In these situations, we want to make sure people's messages are delivered, not lost in transit.
When The Guardian asked specifically whether Facebook or WhatsApp had accessed users' messages, and whether either has done so at the request of a government agency, it was directed to Facebook's page that details the number of government requests for Facebook data.
The whole Facebook/WhatsApp privacy saga started in 2014, when Facebook acquired the messaging service, but Zuck and company have been on watchdog radars a while before that. We don't doubt that the existence of this backdoor will certainly add some more fuel to the fire.