11-01-2018 My Mobile
Any third party person can read and enter your group chat with the help from WhatsApp server controllers
German cyber researchers who assembled at the recent Real World Crypto security conference in Switzerland revealed that there are severe security errors in the WhatsApp platform. The report in Wired mentioned any third person could be added to any group chat without the admin’s consent. Anyone who controls and administers the platform’s servers can do the same.
Any third person, thereby nullifying the end-to-end encryption and crushing the confidentiality of the group, can access all the forwarded and ongoing messages, claims the researchers. But, they also states that only few sophisticated hackers like WhatsApp's own staff, and state actors are the different kinds of people who can break the code to access the same. Therefore, it reduces the risk a lot in spite of being a serious concern.
"The confidentiality of the group is broken as soon as the uninvited member can obtain all the new messages and read them," Wired quotes Paul Rösler, one of the Ruhr University researchers who co-authored a paper on the group messaging vulnerabilities, as saying. "If I hear there's end-to-end encryption for both groups and two-party communications that means adding of new members should be protected against. And if not, the value of encryption is very little."
Facebook’s Chief Security Officer Alex Stamos, responding to the report on Twitter, said, “Read the Wired article today about WhatsApp – scary headline! But there is no [sic] a secret way into WhatsApp groups chats.”
"On WhatsApp, existing members of a group are notified when new people are added," he tweeted. "WhatsApp is built so group messages cannot be send [sic] to hidden users and provides multiple ways for users to confirm who receives a message prior to it being sent."