Tobias Boelter finds vulnerability in WhatsApp

Computer Science graduate student Tobias Boelter has found a security loophole in the popular messaging app WhatsApp that could allow encrypted messages to be read and  intercepted.  Facebook, which acquired WhatsApp in 2014, had emphasized security and end-to-end encryption as a primary selling point.  This flaw may be an inadvertent error or a deliberate backdoor.  Tobias writes “Facebook does not deny that there is a vulnerability that can be used to ‘wiretap’ targeted conversations by, for example, governments with access to WhatsApp’s servers. And despite WhatsApp’s recent public statements, the vulnerability cannot be avoided by verifying fingerprints or checking a checkbox in the WhatsApp settings.”