Writing Assignment
How to improve your security with WhatsApp
A Guardian report says WhatsApp has a backdoor that could allow messages to be intercepted by unwanted parties. That’s not accurate.
BY GLENN FLEISHMAN
A headline in the Guardian recently was certainly eye-catching: “WhatsApp Vulnerability Allows Snooping on Encrypted Messages.” The allegation was that a newly discovered flaw could allow messages you’d sent to a known and confirmed party through a highly secure method to be replayed, or sent again to other parties that could insert themselves as trusted recipients.
MARCH 2017 MACWORLD 103
WORKING MAC WHATSAPP SECURITY
It turns out, almost none of this is accurate or represented in a way that will help WhatsApp users improve their security. This doesn’t mean that WhatsApp is created perfectly (nor do I allege the Guardian has an agenda). A few months ago, I explained how to configure WhatsApp to be as secure as possible (go.macworld.com/whatsappsecu), because defaults and prompts made it more likely that you could have your messages intercepted by criminals or by mass or targeted surveillance from security agencies. For example, the app encourages you to back up your messages on a server, which removes the end-to-end encryption protection of the messaging system; you have to know to say no.
WhatsApp remains robust and
nearly the gold standard if set up in
the way that security experts
recommend and I documented. But the
flaw cited is rather a feature of sorts,
revealing information to users about
changes in the cryptographic environment.
The biggest downside is educating those
who rely on WhatsApp on how to pay
attention to alerts to avoid being taken in.
BACKDOORS, FLAWS, AND FEATURES
The Guardian story erred first in calling this
“new” research and marking its story as
“exclusive”; these errors remain in the
version I’m looking at while writing this
column. I contacted the researcher who
first explored the security issues, Tobias
Boelter. He said via email, “The issue has
been published on my blog in April 2016
(go.macworld.com/whatsapptobi), but only
today the public media started reporting
on it, with the Guardian taking the lead.”
It’s not new or exclusive, nor was it previously private. (Boelter maintains it’s a flaw,
potentially exploitable by governments,
and should be fixed.)
Second, the article labeled it a backdoor, which it isn’t. The original headline (which you can see if you look at go.macworld.com/whatsappguard) used the term backdoor, which also appears in the article a few times. A backdoor is an intentional hole built into software to allow untracked access, without participants’ consent, to details assumed to be confidential or secure by the users of the system. Security researcher Jonathan Zdziarski, the developer of Little Flocker, goes into greater depth in a white paper defining the term backdoor precisely (go.macworld.com/backdoordef).
One would have to find a separate entry point in WhatsApp’s infrastructure that allowed a party other than those in a conversation to insert themselves with a new device at will: that entry point would be a backdoor, but not the behavior in question, which is a man-in-the-middle (MitM) that the system correctly identifies.
Figure caption: WhatsApp asks you regularly about backing up your messages. Select Off, or you’re reducing your security.
Finally, the scope of the problem as
described in the article is too broad and
not fully technically accurate; even
Boelter’s original post makes it sound as if
there’s a wider scope of exploitation,
though he correctly illustrates what interaction occurs and when. In fact, there’s a
very limited opportunity for a malicious
party to gain access to any information.
Let’s break down how you can improve
your security with WhatsApp by looking at
how the purported flaw shows up.
With WhatsApp, you establish a trust relationship with other parties with whom you communicate. The best recommendation, as I note in an April 2016 column, is to confirm each other’s secret numbers in person or by voice—or any method except within WhatsApp. Once that’s in place, you have a cryptographic lock on your communications with that person.
If that person changes phones, through loss, damage, upgrade, or whatever reason, as long as you have Security Notifications turned on, you’ll be warned in the conversation and advised to re-verify. (In iOS, go to WhatsApp’s Settings view, tap Account → Security, and then make sure Show Security Notifications is turned on.)
What Boelter noted in April and
reported to Facebook is that there’s a sliver
of opportunity for untransmitted messages
to be intercepted by a party that gains
access to a WhatsApp user’s registered
phone number. Here’s the sequence:
> One or more messages can’t be delivered. They’re shown with a single checkmark in the sender’s copy of WhatsApp. All delivered messages to verified recipients appear with blue double-checkmarks.
> A malicious party obtains access to the phone number registered with the recipient’s WhatsApp account and uses another device before the intended recipient comes back online and can receive the unsent messages.
> The malicious party receives those messages, and the WhatsApp sender gets a notification that the recipient’s key has changed.
Figure caption: A screen with a security code in scannable and readable form lets you verify with another party that nobody has interposed themselves.
Messages previously delivered aren’t
retransmitted. Only messages in queue
are sent at all (and marked with double
gray checkmarks). And the sender is
notified. An attacker without a security
apparatus with a number of agents
poised to act would be hard-pressed to
ensure simultaneously that the receiver
was offline, they could grab access to
the phone number, and the recipient was
poised to send a useful message that
could be intercepted. (It is true that
phone numbers and SMS aren’t secure,
and criminals and governments can
re-point someone’s phone number to
another phone or intercept and send
text messages.)
The security notification also gives away the game: the interceptor has just revealed they’re an MitM, and in such a way that the sender can alert other people, the media, law enforcement, or whomever, because the sender has to be online for this to occur. With a backdoor, such a notification would be suppressed.
WhatsApp uses the Signal Protocol,
designed by Open Whisper Systems,
which has its own messaging app, Signal
(free, whispersystems.org). In the Signal
app, queued messages aren’t sent in that
case; a user is alerted and has to accept
the potential consequence or re-verify to
move on. People likely to be targeted at a
“retail” level (one at a time) are unlikely to
rely on WhatsApp, and rather on Signal;
people concerned about “wholesale” interception, such as the alleged wide-scale data collection in place in many countries, don’t have a vulnerability here,
and will find most of their friends and
colleagues already using WhatsApp or an
easy sell to join it. (Open Whisper’s
cofounder, Moxie Marlinspike, wrote a blog
post about the Guardian story as well,
go.macworld.com/wsnobkdr.)
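The key-change handling described above (WhatsApp delivering queued messages and then notifying the sender, Signal holding them until the user decides), as an added toy model that is not from the article or from either app's code. The class, the key labels and the alert strings are assumptions made for illustration, and no real cryptography is involved.

```python
from dataclasses import dataclass, field

@dataclass
class Message:
    text: str
    delivered: bool = False      # True once the recipient's device has received it
    encrypted_for: str = ""      # identity key the message was encrypted to

@dataclass
class Sender:
    """Sender-side view of one conversation (toy model, hypothetical names)."""
    trusted_key: str             # recipient key the sender last verified
    blocking: bool               # True: hold the queue until re-verified (Signal-style)
    show_notifications: bool = True
    messages: list = field(default_factory=list)
    alerts: list = field(default_factory=list)

    def send(self, text, recipient_online):
        # Offline recipient: the message stays queued (single checkmark).
        self.messages.append(
            Message(text, delivered=recipient_online, encrypted_for=self.trusted_key))

    def on_key_change(self, new_key):
        """The server reports a new identity key for the recipient's number.
        Returns the message texts released to the device holding new_key."""
        queued = [m for m in self.messages if not m.delivered]
        if self.blocking:
            # Nothing leaves the queue; the user must accept or re-verify first.
            self.alerts.append("key changed: re-verify before queued messages are sent")
            return []
        released = []
        for m in queued:          # only undelivered messages are re-encrypted
            m.encrypted_for, m.delivered = new_key, True
            released.append(m.text)
        if self.show_notifications:
            self.alerts.append("security code changed: re-verify this contact")
        self.trusted_key = new_key
        return released

def scenario(blocking, show_notifications=True):
    """Constructed sample: one delivered message, one queued, then a key change."""
    s = Sender("KEY_A", blocking=blocking, show_notifications=show_notifications)
    s.send("delivered earlier", recipient_online=True)
    s.send("queued while offline", recipient_online=False)
    return s.on_key_change("KEY_B"), s.alerts
```

With `show_notifications=False` the non-blocking sender releases the queued message and records no alert at all, which is why the setting matters.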
And just by the way, a much broader
vulnerability exists in Apple’s iMessage, as
Apple uses centralized key management
that isn’t exposed to users. Researchers
have warned for years, most recently in a March 2016 security examination that revealed a number of more minor flaws, that such centralization could allow interception through a successful attack on infrastructure or through secret government edict. Were iMessage subverted, its
users would never know that other parties
were reading their messages.
PAY ATTENTION TO THE FIDDLY DETAILS
The upshot isn’t that the Guardian got the
details and impact of the story wrong,
though the newspaper did. Rather, it’s that
you can keep your security game strong
by paying close attention to warnings and
alerts designed for that purpose:
> Ensure Show Security Notifications is on.
> Verify all contacts before starting conversations.
> Re-verify contacts whenever you see a message that a recipient’s security code has changed.
> If you can’t re-verify, alert everyone you can who’s connected with your communications or the recipient immediately.
If you need to be absolutely sure that
any arbitrary message you send (“pick up
a gallon of milk”) when a recipient is offline
has zero possibility of being received by
an unverified party instead of a vanishingly
small one, use Signal (which is free) and
convince your friends to use it as well.
WhatsApp could add a switch to
disable transmitting without verifying first,
which would defuse this complaint. But this
was a lot of hand waving about something
that doesn’t represent much in effect. ■
Copyright of Macworld - Digital Edition is the property of IDG Consumer & SMB Inc. and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use.