Quote:
Originally Posted by Happy
WhatsApp - Wikipedia, the free encyclopedia
Spoiler!
In May 2011, a security hole was reported in WhatsApp which left user accounts open for hijacking.[25] Since May 2011, it has been reported that communications made by WhatsApp are not encrypted, and data is sent and received in plaintext, meaning messages can easily be read if packet traces are available.[26]
According to some sources, it is believed that the hijacking hack was performed, and later fixed by helping WhatsApp reproduce it on Android and Symbian, by Liroy van Hoewijk, CEO of CoreISP.net.[27][28] Then, in May 2012 security researchers noted that new updates of WhatsApp no longer sent messages as plaintext,[29][30][31] however, the cryptographic method implemented was subsequently described as "broken".[32]
In September 2011, a new version of the WhatsApp Messenger application for iPhones was released. In this new version, the developer has closed a number of critical security holes that allowed forged messages to be sent and messages from any WhatsApp user to be read.[33]
On January 6, 2012, an unknown hacker published a website (WhatsAppStatus.net) which made it possible to change the status of an arbitrary WhatsApp user, as long as the phone number was known. To let it work, it only required a restart of the app. According to the hacker, it is only one of the many security issues in WhatsApp. On January 9, WhatsApp reported to have solved the issue. In reality, the only measure that was taken was blocking the website's IP address. As a reaction, a Windows tool was made available for download providing the same functionality. This issue has since been resolved in the form of an IP check on currently logged in session.[34][35]
On January 13, 2012, WhatsApp was pulled from the iOS App Store. The reason was not disclosed. The app was added back to the App Store four days later.[36]
Using WhatsAPI, German Tech site The H demonstrated how to hijack any WhatsApp account on September 14, 2012.[37] Shortly after a legal threat to WhatsAPI's developers was alleged, characterized by The H as "an apparent reaction" to security reports, and WhatsAPI's source code was taken down.[38] The WhatsAPI team has since returned to active development.[39]
Security hole that lets people hi-jack users accounts? Being pulled from the App store on apple because of lack of security?
I never knew bbm security was worse than that
|
This is like comparing apples to oranges. Blackberry will have as many security flaws as Whatsapp, if they had 200 million users, is widely available across multiple mobile platforms, and that hacker care to expose them. As we currently stand. Blackberry is ranked 4th worldwide (behind WP8) in market share, if you're a hacker, you won't care to target a small userbase.
This is like another PC vs Mac security debate. If BBM is as significant as other messengers (Whatsapp, Kakotalk), I am sure hackers will care enough to expose them. We will find out sooner or later whether BBM can withstand its claims.
The point that I am trying to make is that people were suggesting that Blackberry is the only player in the game with message encryption and I am just trying to say that there are others including Whatsapp that have that feature as well, and whether it has security vulnerabilities or not, is a whole other debate.