Encrypted Chat: Important but Possibly a Threat to Some Interests

February 18, 2020

Here is some interesting, if blatantly slanted, information. The founder of Telegram Messenger, Pavel Durov, describes the reasons his company’s rival is trouble in the post, “Why Using WhatsApp Is Dangerous.” He writes:

“A few months ago I wrote about a WhatsApp backdoor that allowed hackers to access all data on any phone running WhatsApp [1]. Facebook, its parent company, claimed at the time that they had no proof the flaw had ever been used by attackers [2]. Last week it became clear that this backdoor had been exploited to extract private communications and photos of Jeff Bezos – the richest person on the planet – who unfortunately relied on WhatsApp [3]. Since the attack seemed to originate from a foreign government, it is likely that countless other business and government leaders have been targeted [4]. In my November post, I predicted this would happen [5]. The United Nations now recommends its officials remove WhatsApp from their devices [6], while people close to Donald Trump have been advised to change their phones [7]. Given the gravity of the situation, one would expect Facebook/WhatsApp to apologize and pledge not to plant backdoors in their apps going forward. Instead, they announced that Apple, not WhatsApp, was to blame. Facebook’s vice president claimed that iOS, rather than WhatsApp, had been hacked [8].”

(Yes, those numbers represent footnote citations. See the post for those, and many more, relevant links.)

The post explains why, exactly, the Bezos breach could not have been the fault of iOS. It also explains why WhatsApp’s promise of “end-to-end encryption” is not all it’s cracked up to be. For one thing, users tend to back their chats up to the cloud; we’re reminded, as an example, that the FBI got Apple to relinquish plans to encrypt its iCloud. Then there are the backdoors—enforcement agencies pressure app developers to secretly build vulnerabilities into their platforms. These are usually described as “accidental” security flaws when discovered, as 12 have been found in WhatsApp in the last year alone. Finally, it is impossible to know whether the encryption implemented on a messaging app uses the code the company claims it does. Except for Telegram, of course, which has been open source with fully documented encryption since 2013, Durov emphasizes.

The telegram founder cheerfully admits his bias, asserting that, of course, he believes Telegram Secret Chats is more secure than the competition. That is largely because, unlike other platforms, his company refuses to comply with enforcement agencies’ demands for backdoors. As a result, Telegram is banned in Russia and Iran, unlike the dodgy WhatsApp. To read more details of Durov’s/ Telegram’s perspective, check out the post for yourself.

Cynthia Murrell, February 18, 2020

Written by Stephen E. Arnold · Filed Under Business strategy, News, Security

Comments

Comments are closed.

Search the site
Subscribe to Beyond Search
Feature archive
News archive

Stephen E. Arnold monitors search, content processing, text mining and related topics from his high-tech nerve center in rural Kentucky. He tries to winnow the goose feathers from the giblets. He works with colleagues worldwide to make this Web log useful to those who want to go "beyond search". Contact him at sa [at] arnoldit.com. His Web site with additional information about search is arnoldit.com.