If
you are using WhatsApp and feel secure by the thought that your privacy
mode is set to offline, well, you might have to think again.
A
serious flaw has been detected in the cross-platform mobile messaging
app which enables a user’s status to be tracked and also keep an eye of
their changing profile pictures, privacy settings or status messages
regardless of their privacy settings.
The
web based tool called ‘WhatsSpy Public’ has been designed by Maikel
Zweerink, a student of Dutch University. This tool is a web-oriented
application that tracks every move of whichever user one wishes to
follow. This application is setup as an ‘Proof of Concept’ that Whatsapp
is broken in terms of privacy.
Once
the application is set up, users can track WhatsApp users that they
want to follow. Once it’s running, it keeps track of activities such as
Online/Offline status, Profile pictures, Privacy settings and Status
messages. The tool requires an SIM Card or non-Whatsapp used phone
number and some other resources.
In
a blog post on his website, he pointed out that his software tool has
revealed that even a hacker without a WhatsApp account, can monitor the
activities of a WhatsApp user even if he or she has turned on the
privacy settings.
The
software web-developer himself stated that, “I made this project for
you to realise how broken the privacy options actually are. It just
started out as experimenting with WhatsApp to build a bot, but I was
stunned when I realised someone could abuse this “online” feature of
WhatsApp to track anyone.
He
also added that, “I could just say this in like a blog article that the
privacy options are broken, but you wouldn’t realise the impact it
actually has.”
This
isn’t the first time there has been an issue regarding WhatsApp’s
privacy. Few days ago, a report pointed out that a new security bug
found in WhatsApp lets anyone see a user’s profile photos even if they
have set it to ‘Contacts-only’. The 17-year-old security researcher,
Indrajeet Bhuyan had discovered this problem.
The
problem occurred due to the new web version. It is said to be a result
of the phone app not being synced properly with the new web interface.
Posted by : Gizmeon
No comments:
Post a Comment