Whats really up with your secure WhatsApp chats – Mint

The surfacing of private WhatsApp exchanges between Bollywood actors amid the investigation into the death of actor Sushant Singh Rajput has raised questions about the platforms security, and whether the app indeed protects user privacy. Mint takes a deep dive.

What does end-to-end encryption mean?

When texts are sent from your phone, there are three points of contactyour phone, WhatsApps servers and the receivers phone. So, between WhatsApps server and the receiver, the so-called Man In The Middle (MITM) attacks are possible. Besides, WhatsApp, its parent Facebook could technically access texts when theyre on server. In end-to-end encryption, the transmitted text is encrypted all the time, ensuring that only the sender and receiver can read it in plain text. This reduces chances of MITM attacks or leaks at the service provider. Even if a person does intercept the text, theyll get unreadable encrypted texts only.

Do all exchanges via WhatsApp remain pvt?

While end-to-end encryption is a powerful protection measure, it doesnt guard against physical access to ones messages. Your phones lock code encrypts all data inside it, and whenever the correct code is entered, data is available in plain text. You could set up the lock code to be entered a second time before WhatsApp is opened, but that doesnt help much. Messaging application Signal allows users to set up a separate Signal PIN, though if youre forced to hand over your phone to the authoritieslike in the case with Bollywood actors currentlyyoull probably have to disclose your PIN too.

View Full Image

Are there safer alternatives to WhatsApp currently?

Signal and Telegram are popular. Besides, since they arent as big as WhatsApp there may be less effortespecially by governmentsto compromise their systems. Signal has more security features and endorsement from whistleblower Edward Snowden, which is why users opt for it. But even Signal cant do much to protect against physical access to a phone.

Does WhatsApp have built-in backdoors?

WhatsApp uses the open source Signal protocol for encryption, which is a sort of a defence against backdoors. Theoretically, since the encryption code is open sourced, experts can spot backdoors. The government may say backdoors wont be open to the public, but an existing backdoor can be found by attackers and security experts. That said, WhatsApps overall code is closed source, so you cant be sure how the Signal protocol is implemented, and with what modifications. Your only option, in that case, is to trust WhatsApp.

How much can one trust Facebook?

WhatsApp was the icon of openness for long. Many experts still say WhatsApp has done a lot to ensure no backdoors can be mandated by governments, but many have trouble trusting Facebook, given its track record on user privacy. The company has vested interests with all big governments, so the argument is, why Facebook would side with users instead of authorities. The point that Facebook needs users is thin too, since the company gets a big part of its data from being able to track users outside its platforms.

Subscribe to Mint Newsletters

* Enter a valid email

* Thank you for subscribing to our newsletter.

See the original post here:
Whats really up with your secure WhatsApp chats - Mint

Related Posts

Comments are closed.