This is the third time this month we’re writing about WhatsApp, as the company continues to wrestle with a thorny problem: how to tame the public’s attitude to its own attitude to privacy.
When you’re a super-popular instant messaging app that pretty much promises to replace all your SMS bills with a flat-rated service costing $1/year (99c, in fact), getting bought by Facebook is bound to raise a few eyebrows.
Facebook famously doesn’t charge for its services – at least, not in cash.
Instead, Facebook commercialises the content of your interactions with its services, so that rather than being a user or a customer, you are a sort of informal employee, paid in kind.
So, with Facebook having paid $19,000,000,000 for WhatsApp, what will the social networking giant start doing with your WhatsApp data to recoup that enormous sum?
WhatsApp built a user base based on its commitment not to collect user data for advertising revenue. Acting in reliance on WhatsApp representations, Internet users provided detailed personal information to the company including private texts to close friends. Facebook routinely makes use of user information for advertising purposes and has made clear that it intends to incorporate the data of WhatsApp users into the user profiling business model.
As we reported after news of the complaint broke, WhatsApp’s CEO, Jan Koum, tried to assuage everyone’s fears by saying publicly that:
Respect for your privacy is coded into our DNA, and we built WhatsApp around the goal of knowing as little about you as possible.
Since corporate respect for privacy almost certainly isn’t a genetic trait, the DNA metaphor was probably a bad place to start.
Furthermore, WhatsApp was investigated and censured in 2013 for a number of privacy violations, following a joint investigation of its practices by Canadian and Dutch regulators.
So much for WhatsApp’s “corporate DNA.”
In any case, the privacy complaint isn’t about WhatsApp’s corporate DNA.
It’s about Facebook, the service’s new owners.
As one commenter here on Naked Security sceptically pointed out:
Mr. Koum can believe whatever he wants, but if Zuckerberg paid the piper, he's calling the tunes.
Slightly more curiously, another commenter suggested that:
Someone's really unhappy with the WhatsApp change, because I've seen the AES key needed to decrypt WhatsApp chats floating around my Twitter stream.
What’s that about cryptography problems in WhatsApp?
We wrote in 2013 about two cryptographic blunders by WhatsApp, where the company started off by using encryption keys that were predictable, then “improved” its session encryption, but inadvertently turned a one-time pad into a two-time pad.
The AES key mentioned above is part of a different problem, and was first circulated on Twitter back in 2012.
But the key received a new burst of publicity when it was rediscovered on 11 March 2014, or at least republicised, by a Dutch blogger, Bas Bosschert
As Bosschert reported, the Android version of Whatsapp stores a backup of your chat history in a database file on your SD card.
Many Android apps use your SD card for user data: SD cards are generally more spacious than the flash storage built into a mobile device; they can also be upgraded as needed; and they often have faster read/write speeds as a result.
But SD card file systems on Android live outside each app’s sandbox, and thus effectively act as insecure shared storage.
What one app saves to yor SD card, any other app (assuming it has SD card permissions) can read back in.
WhatsApp’s solution was to encrypt your chat history using AES.
Sadly, the company used a hard-wired key that was the same for every user.
The right way to do it, of course, is to generate a random key for each user when the app is installed, and keep the key in private storage where other apps can’t easily grab hold of it.
This has the additional benefit that the app can easily be made to work without storing the key anywhere at all.
You can allow the user to choose convenience (save the key in private storage where a determined attacker might be able to recover it) or security (ask for a passphrase every time the app starts, so the key is only ever stored in RAM).
According to Bosschert, WhatsApp did update its software after his initial article, but instead of using a securely stored random key, decided to use each user’s account name – data that other apps can fairly easily retrieve, just as they can read SD storage.
I had hoped to reproduce Bosschert’s results myself in order to confirm that WhatsApp’s code is still the same [2014-03-19] as when he wrote his article.
But you can only install WhatApp if you hand over your mobile phone number and let WhatsApp send you an SMS with an activation code.
Curious indeed for an app that aims to liberate you from SMS-based text messaging, and for a company that aims to know as little as possible about you.
→ In many countries, regulations require that all mobile phone numbers be registered against a user whose identity is formally recorded. Some jurisdictions even require proof of address before allowing you to buy a SIM card.
It certainly sounds as though “respect for privacy” isn’t a given at WhatsApp yet.
Ironically, as Dan Goodin over at at Ars Technica noted recently, Facebook’s coders might be just the people to help breathe some cryptographic life into WhatsApp.
That’s because Facebook recently released an open source project for Android entitled Conceal, providing exactly the sort of secure SD card storage functionality WhatsApp could do with in its Android app.
And that raises an interesting trilemma: will Facebook end up reducing the privacy of WhatsApp, or improving it, or a bit of both?