Security Experts Rebut The Guardian's Report That Claimed WhatsApp Has a Backdoor

William Turton, writing for Gizmodo: This morning, the Guardian published a story with an alarming headline: "WhatsApp backdoor allows snooping on encrypted messages." If true, this would have massive implications for the security and privacy of WhatsApp's one-billion-plus users. Fortunately, there's no backdoor in WhatsApp, and according to Alec Muffett, an experienced security researcher who spoke to Gizmodo, the Guardian's story is a "major league fuckwittage." [...] Fredric Jacobs, who was the iOS developer at Open Whisper Systems, the collective that designed and maintains the Signal encryption protocol, and who most recently worked at Apple, said, "Nothing new. Of course, if you don't verify keys Signal/WhatsApp/... can man-in-the-middle your communications." "I characterize the threat posed by such reportage as being fear and uncertainty and doubt on an 'anti-vaccination' scale," Muffett, who previously worked on Facebook's engineering security infrastructure team, told Gizmodo. "It is not a bug, it is working as designed and someone is saying it's a 'flaw' and pretending it is earth shattering when in fact it is ignorable." The supposed "backdoor" the Guardian is describing is actually a feature working as intended, and it would require significant collaboration with Facebook to be able to snoop on and intercept someone's encrypted messages, something the company is extremely unlikely to do. "There's a feature in WhatsApp that -- when you swap phones, get a new phone, factory reset, whatever -- when you install WhatsApp freshly on the new phone and continue a conversation, the encryption keys get re-negotiated to accommodate the new phone," Muffett told Gizmodo. Other security experts and journalists have also criticized The Guardian's story.

Yeah both agree on the main points, actually

[raymorris]

Muffet is saying it's "major league fuckwittage", while acknowledging that the main point is true: Facebook could in fact intercept messages.

Jacobs says "well duh, if you send a message without verifying keys" - and Whatsapp does just that, automatically resends the message before you have a chance to verify the key.

Re:And Muffet is employed by?

[alecm]

Currently, since July, I am employed by nobody. And loving it.

Previously to that I worked at Facebook, built their Tor onion, and build Facebook Messenger E2E crypto.

So, I'm competent to comment, and beholden to nobody :-P

Speculation is irrelevant

[nightfire-unique]

The Whatsapp client is proprietary and closed source.

It should be assumed to be compromised regardless of what anyone says about it.

missing the point

[Tom]

He is missing the point.

The article is not speaking about an encryption flaw or anything like that, but about a backdoor - a feature that allows Facebook, without any code changes on your device or other intrusion - to eavesdrop on any conversation you are having.

A good encryption would be impenetrable even to the vendor. It should not allow the keys to be changed underneath you. It should not warn you afterwards about this fact, and only if you have a special option enabled, but it should tell you before it does a key change, and require your consent.

Re:Compromise

[Tom]

Different problem.

Yes, the provider could initiate a man-in-the-middle attack against all users from the start. However, let us assume that he didn't do that, for various reasons that are for a seperate discussion.

In such a scenario, Alice conversation with Bob is secure. It requires only the initial secure key exchange. Once that is complete, they are fine.

But with the backdoor of silent key-renegotiation, the provider can at any time decide that now they want to eavesdrop into this or that conversation. Say, because a government agency asked them nicely, or a FB employee looked up that woman he met last night in the database and found her WhatsApp number...

It is a different scenario with different ramifications.

Did Whatsapp go open source yet?

[cloud.pt]

Some disclaimer:
I have moderate IT Security experience. I'm admittedly not the ITSec convention-going type, but I've developed for solid security, done successful penetration testing on people's code and the likes... From the guardian's article, and from my POV, the major issue here is one of wording: a Backdoor is a feature, one intentionally added by developers and hidden from the end user-facing stuff such as UI and (R)TFM. This is definitely not a backdoor - it looks like a flaw, probably associated with different use cases of whatsapp vs the original API, considering it happens on verbose conditions, and it surely seems tricky to replicate without very explicit user behavior. Apparently even a change in defaults by whatsapp can solve this.

Now for the real issue:
How can anyone even start arguing about an article's guilt on this or Whatsapp intentions without tackling the subject that: every closed source app claiming privacy (such as whatsapp), however you paint it, can never do so as guaranteed without being open source. There is one way, and one way only, that privacy can be achieved without having to trust on privacy policies, disclosures, public legal action or even secretive court orders and it is to open source the damn thing and providing a way of building that outputs the same without the branding (think Chromium or the Mozilla suite in Debian).

Here's the deal: Whatsapp states it uses the Whisper API but they might as well not use it. Whisper and Signal might state they collaborate and trusts they do use it, but who is to say they aren't being paid for this, lying or even chain-trusting blindly in Whatsapp statements of use? Oh wait, so there's a legal binding document saying Whatsapp actually does this... BIG DEAL. There are also constitutions being RAPED EVERY DAY by US, Chinese, Russian, (every country?) security services.

Snowden advises on using Signal for two essential reasons that cannot be taken apart:
1. he has access to the shyt going on inside and...
2. he actually understands that shyt.

Number one is the big deal here, and number 2 is the reason he publicly admits his support for Signal - people trust his technical judgement. Granted, no.1 won't make much sense to 99% of the world at which point you have to start trusting on someone's technical ability, reputation and honor, and for fuck sake Whatsapp is a commercial application based in the US - they HAVE to lie about such things, they don't even get a choice. Just having no.1 is like placing your neck under the sword of the entire world community. It's a lot better than a feature list, and advert, a legal document, someone's word. it's everybody's word.

This is no conspiration theory, but logic beats trust, and most here, as engineers should be very aware of that. Even the trust in one's own actions isn't fallible - some people lie to themselves, some people don't know better than to believe they have failed at something and will trust blindly on their own ability. But sooner or later everybody finds out we are only as perfects as what we are made of. SHOW ME WHAT YOUR APP IS MADE OF and you will have the right for my complete blind trust (because it just isn't blind anymore). It can even be coded in esperanto (intentional bullshit here). It's the only way it is honestly submitted for scrutiny of your own statements of privacy and security.

Re:And Muffet is employed by?

[alecm]

a) just check my twitter for proof - and my 4-digit Slashdot ID. :-)

b) i've built a reputation for 25 years, saying such things. Go dig up my USENET from 1991. Hasn't done me any harm that I care about, and it has done me measurable good when people see me commit to a set of values or a proposition with no "if", "and" or "but".

c) at least I'm funny. :-)