Clicky

WhatsApp bug allowed malicious users to delete chats

A major bug in the word's most popular messaging app highlights a single point of failure.

Tired of censorship and surveillance?

Defend free speech and individual liberty online. Push back against Big Tech and media gatekeepers. Subscribe to Reclaim The Net.

In yet another Facebook scandal, WhatsApp is back in the news with a critical vulnerability in the most popular chat app in the world. While not tremendously popular in North America, where ISPs and iMessage have managed to maintain their market share in the messaging industry, the rest of the world relies primarily on WhatsApp to communicate in much of South America, Europe, Asia, and Africa.

Research group CheckPoint have identified a bug back in August where any participant in a group chat could deliver a payload by modifying the sending parameters and the encryption logic. This payload would then crash the device of every member in the group chat.

Furthermore, restarting the device will not resolve the problem, as attempting to open WhatsApp will trigger a crash loop. The solution seems to be to remove the app and reinstall it, but even then, all contents of that group chat will be erased forever.

Fortunately, the bug has been responsibly reported and has been patched in September, but devices running an outdated version of the app are still vulnerable. This bug could have massive implications for those who use WhatsApp to communicate with family, friends or colleagues to share memories or corporate content.

This is another reminder of how dangerous monopolies can can be. With people’s increased reliance on centralized tools like WhatsApp, there will always be a single point of failure that could jeopardize their information and their communication. This single point of failure would only be exacerbated by Facebook’s plans to merge the messaging capabilities of WhatsApp, Facebook Messenger, and Instagram, which they seem to be well on their way to implement.

Back when Facebook first acquired WhatsApp, it promised that it will never use its data to strengthen Facebook’s data collection tools that it sells to advertisers.

Sadly, in a repeat of Instagram’s story, WhatsApp’s founders ended up resigning because that promise was broken – leading Facebook to now own the data of four out of five of the most popular social apps in the world, the fifth being Chinese-owned TikTok, which is in no way the lesser of two evils.

If you're tired of censorship and dystopian threats against civil liberties, subscribe to Reclaim The Net.

Tired of censorship and surveillance?

Defend free speech and individual liberty online. Push back against Big Tech and media gatekeepers. Subscribe to Reclaim The Net.

Read more

Share