Tag Archives: WhatsApp

Use Whatsapp on Android? Your chats are not so secure


whatsapp

If you use WhatsApp on an Android phone, you should be careful about what you talk about or share on the instant messaging app.

NEW DELHI: If you use WhatsApp on an Android phone, you should be careful about what you talk about or share on the instant messaging app. Using a few scripts and a rogue app, anyone can peer into your chat logs and see what you talk about with your friends.

A Dutch security consultant has found that WhatsApp chat logs saved on the SD card of an Android phone can be read by other apps because of the way Android allows sharing of data between apps.

“The WhatsApp database is saved on the SD card which can be read by any Android application if the user allows it to access the SD card. And since majority of the people allows everything on their Android device, this is not much of a problem,” Bas Bosschert wrote on his blog.

“What do we need to steal someone’s WhatsApp database? First we need a place to store the database,” Bosschert explained. “Next thing we need is an Android application which uploads the WhatsApp database to the website.”

When an Android application is installed, whether from the Play store or through an APK file, which is an installer file for Android phones and can be downloaded from various sources, the app requests for permissions to use network and SD card etc.

To explain his hack, Bosschert set up a web server and then created an Android application that required several special permissions on a user’s phone. But because Android OS allows applications to access various parts of the phone – this is why users can conveniently share almost everything through any app on Android phone – Bosschert’s app had no difficulty gaining access to WhatsApp data.

Bosschert wrote that the code that allows his application to access WhatsApp data and then upload it to his web server can be added to a popular Android app by a rogue developer to fool users and steal WhatsApp chat logs.

The older versions of WhatsApp were so insecure that they didn’t even encrypt their data stored on SD card. The data from older versions of whatsApp could be read by anyone once it was uploaded on the web server. Even the data from newer version of WhatsApp, which uses encryption, can be accessed with ease.

“The WhatsAppp database is a SQLite3 database which can be converted to Excel for easier access. Lately WhatsApp is using encryption to encrypt the database, so it can no longer be opened by SQLite. But we can simply decrypt this database using a simple python script. This script converts the crypted database to a plain SQLite3 database,” wrote Bosschert. “We can conclude that every application can read the WhatsApp database and it is also possible to read the chats from the encrypted databases.”

Bosschert joked, “Facebook didn’t need to buy WhatsApp to read your chats.”

The security issue apparently doesn’t exist on iPhones or Windows Phone devices because on these smartphones, apps have limited access to storage and other phone hardware. The more flexible access to phone hardware allows Android apps to talk to each other and helps a user quickly share content between apps. This is very convenient compared to what is possible on iPhone or Windows Phone, where it is difficult to share content between apps. But it also exposes data to rogue apps.

Google says that it keeps an eye on apps inside its Play store and removes apps if they pose any security risks. But this doesn’t negate the fact that theoretically it is possible for a rogue app to do more damage on Android because of the open nature of the OS compared to iOS, which uses silos. Google also advises people against installing apps that don’t come through Play store. By default Android phones are set to not install apps downloaded outside the Play store.

WhatsApp for Android users can now hide ‘last seen’ notification


whatsapp_android_layoutAfter having caused ripples across the industry for agreeing to a buyout by Facebook for a whopping $19 billion, the cross-platform messaging app, WhatsApp has rolled out two new features for mobile users on the Android platform. The new reports say that the update for the Android platform will allow users to hide the ‘last seen’ notification from other users, with the choice of hiding it from everyone, from certain contacts, or only those not on the user’s phonebook.

This features has been available to iOS users for a while. It is now included under the privacy settings on the WhatsApp for Android app. Currently the new features are not available for download on the Google Play store.

A user can however download the apk file from the WhatsApp website. The minimum requirements there, are listed as, having Android version 2.1 or higher and an unlimited data plan. It is also mentioned that the upgrade is currently only for mobile phones running the Android platform, and not tablets.

WhatsApp has added another update, which lets users of WhatsApp for Android hide their profile pictures and status from select friends, strangers or just about everyone. The new privacy tab will only be visible under the new settings tab under account settings after the new version has been downloaded.

Facebook announced the acquisition of WhatsApp on Thursday, in a deal worth $19 billion in cash, stocks and bonuses. WhatsApp co-founder and CEO Jan Koum has assured over 450 million monthly active users of the popular messaging app that ‘nothing’ will change for them as a result of this ‘partnership’ with Facebook. Koum added that WhatsApp ‘will remain autonomous and operate independently’ of Facebook.

Facebook to buy mobile messaging app WhatsApp for $19 billion


UntitledNEW YORK: Facebook Inc will buy fast-growing mobile-messaging startup WhatsApp for $19 billion in cash and stock, as the world’s largest social network looks for ways to boost its popularity, especially among a younger crowd.

The acquisition of the hot messaging service with more than 450 million users around the world stunned many Silicon Valley observers with its lofty price tag.

But it underscores Facebook’s determination to win the market for messaging, an indispensable utility in a mobile era.

Combining text messaging and social networking, messaging apps provide a quick way for smartphone users to trade everything from brief texts to flirtatious pictures to YouTube clips – bypassing the need to pay wireless carriers for messaging services.

And it helps Facebook tap teens who will eschew the mainstream social networks and prefer WhatsApp and rivals such as Line and WeChat, which have exploded in size as mobile messaging takes off.

“People are calling them ‘Facebook Nevers,'” said Jeremy Liew, a partner at Lightspeed and an early investor in Snapchat.

WhatsApp is adding about a million users per day, Facebook co-founder and chief executive officer Mark Zuckerberg said on his page on Wednesday.

“WhatsApp will complement our existing chat and messaging services to provide new tools for our community,” he wrote on his Facebook page. “Since WhatsApp and (Facebook) Messenger serve such different and important users, we will continue investing in both.”

Smartphone-based messaging apps are now sweeping across North America, Asia and Europe.

“Communication is the one thing that you have to use daily, and it has a strong network effect,” said Jonathan Teo, an early investor in Snapchat, another red-hot messaging company that flirted year ago with a multibillion dollar acquisition offer from Facebook.

“Facebook is more about content and has not yet fully figured out communication.”

Even so, he balked at the price tag.

As part of the deal, WhatsApp co-founder and chief executive officer Jan Koum will join Facebook’s board, and the social network will grant an additional $3 billion worth of restricted stock units to WhatsApp’s founders, including Koum.

That is on top of the $16 billion in cash and stock that Facebook will pay.

“Goodness gracious, it’s a good deal for WhatsApp,” Teo said.

TERMS

Shares in Facebook slid 5 percent to $64.70 after hours, from a close of $68.06 on the Nasdaq.

Facebook said on Wednesday it will pay $4 billion in cash and about $12 billion in stock in its single largest acquisition, dwarfing the $1 billion it paid for photo-sharing app Instagram.

The price paid for Instagram, which with just 30 million users was already considered overvalued by many observers at the time.

Facebook promised to keep the WhatsApp brand and service, and pledged a $1 billion cash break-up fee if the deal falls through.

Facebook was advised by Allen & Co, while WhatsApp has enlisted Morgan Stanley for the deal.