Lately, Whatsapp has been creating headlines and outcry amongst the technology experts or the billionaires, government organizations and specially the privacy advocates. All the Whatsapp users would have come across a pop-up screen a few days back that asked them to accept the terms and policies whatsoever presented to them by the application company. Some might have agreed without reading while others found it too vulnerable to their privacy. On one hand Whatsapp tells that the changes are significant ones to integrate better with the other Facebook products and on the other, it was made to push the deadline for the same to the month of May. But before that, let’s know why it is updated as a controversial one.
Are the WhatsApp chats secure?
There’s always a kind of danger or risk linked with the usage of messaging apps like whatsapp, in spite of that there hasn’t been any decline in their usage. If we look at the situation in Australia, the breaches of this application have been quite common and a majority of board members are still using it. In one instance, the Amazon CEO got his messages leaked through Whatsapp in the year 2018.
Recently Whatsapp made an announcement amidst all the backlash, that the users have nothing to worry about. Since the application is based on the policy of “what you share with your friends and family remains between you”, the makers of the application made sure with this that the personal conversations will always be protected with the ‘end-to-end’ encryption, so that neither whatsapp nor facebook can have access to the personal information.
We know that the chats and messages are end-to-end encrypted so they cannot be intercepted during the transmission but this does not secure the messages after they are decrypted on your device. Whatsapp also provides an option to create a back-up of all the data that is on the application and these data can be stored on icloud or google drive and neither of them is encrypted. As the file carries a decrypted version of all the messages you have saved in the phone, it is theoretically vulnerable and also undermines the end-to-end encryption.
What is end-to-end encryption?
We see whatsapp adopting the end-to-end encryption that secures the messages between the sender and receiver and not just this application but other applications too have the benefits of ease of use and a large-scale adoption by the general users. In fact, this is why they are so famous. The end-to-end encryption however is incorporated with the view of protecting the data and keeping the user data secure. To the government, this end-to-end encryption policy could create a lot of issues when thought of as law enforcement. Whatsapp claims to have gotten the permission from the required law agencies based on ‘applicable law and policies’, it does not clarify as to what data would be shared. Speculations tell that this data could be related to information including mobile numbers, location, IP address and other things. When we read about end-to-end encryption and its usage, Whatsapp claims that once the message gets delivered, it is not stored on the servers any long. So technically, the messages sent and received from the application can be considered to be safe.
/content-assets/28a4e76bc70844cb9f37ed1a731d4504.png)
However, the twist strikes in here. In spite of all the safety measures taken, the end-to-end encryption could not pass through all the possible vulnerabilities. There have been various instances of data leakage surely put a question on that. There are ways to get around the encryption and then extract these. This end-to-end encryption cannot restrict the leaks from taking place completely especially if any third-party has the access to the device containing the messages. And also, if the same messages are shared by the sender or the receiver to some other person or a group of persons, or is stored in a different storage place, even then the encryption does not work.
And this is not the only safety concern, but these applications are prone to other vulnerabilities too like if the device that is being used gets stolen or gets into the hand of others? Or if not our device then the device of the person we’re talking to gets lost? Even then the messaging becomes vulnerable. It is possible to clear these messages that are received by other users on some platform however, if the messages are already leaked then you are on your own pal!
What added more to the issue was the recent policy given out by the makers of the application to link the data you have stored on whatsapp with the facebook account of the user and it seems to be pretty violative of the overall privacy of the user and so the makers were forced to push the policy application date and are now coming up with explanation part of it, amidst all the backlash.