WhatsApp, a massive messaging platform owned by Facebook, is well known as one of the more secure messengers on the market.
WhatsApp redesigned its backend earlier this year so that every message sent using the service will be protected in a way that even WhatsApp would not be able to read it if it wanted to, called end-to-end encryption.
But a Guardian report published on Friday cast doubt on WhatsApp’s security, saying that a “vulnerability” or “backdoor” existed that could allow governments to snoop on people’s private messages.
Don’t worry. There is no backdoor like the FBI was seeking for the iPhone in WhatsApp.
Moxie Marlinspike, the founder of Open Whisper Systems, which helped designed WhatApp’s security protocol, shot back in a long and detailed blog post on Friday.
Cryptography is detail-oriented and complicated, and often summaries can get important aspects wrong, but here goes: Messaging systems need to know if the person it’s sending a message to is actually who he says he is.
But WhatsApp decided that if one messenger changed his security key, then it would simply give the user a warning — instead of blocking him entirely like some secure messengers do, it would simply display a warning, like this:
This decision led The Guardian to speculate that a government might be able to pull off “man-in-the-middle” attacks and hijack messages meant for another person.
Most end-to-end encrypted communication systems have something that resembles this type of verification, because otherwise an attacker who compromised the server could lie about a user’s public key, and instead advertise a key which the attacker knows the corresponding private key for. This is called a “man in the middle” attack, or MITM, and is endemic to public key cryptography, not just WhatsApp.
In fact, WhatsApp made a security choice based on usability, because it has 1 billion users, and shutting down people’s conversations could be annoying for its users. Even worse, it could make the entire system less secure. Cryptographers have to make trade-offs all the time.
Given the size and scope of WhatsApp’s user base, we feel that their choice to display a non-blocking notification is appropriate. It provides transparent and cryptographically guaranteed confidence in the privacy of a user’s communication, along with a simple user experience. The choice to make these notifications “blocking” would in some ways make things worse. That would leak information to the server about who has enabled safety number change notifications and who hasn’t, effectively telling the server who it could MITM transparently and who it couldn’t; something that WhatsApp considered very carefully.
If you’re worried about the privacy of your communications, WhatsApp remains a better choice than many of its alternatives, such as Telegraph. However, for users that want best-in-class, Open Whisper Systems’ Signal messenger usually optimizes for security, not usability, and it remains whistleblower Edward Snowden’s favorite messenger.