Sophos Cloud Optix
This is the third time this month we’re writing about WhatsApp, as the company continues to wrestle with a thorny problem: how to tame the public’s attitude to its own attitude to privacy.
When you’re a super-popular instant messaging app that pretty much promises to replace all your SMS bills with a flat-rated service costing $1/year (99c, in fact), getting bought by Facebook is bound to raise a few eyebrows.
Facebook famously doesn’t charge for its services – at least, not in cash.
Instead, Facebook commercialises the content of your interactions with its services, so that rather than being a user or a customer, you are a sort of informal employee, paid in kind.
So, with Facebook having paid $19,000,000,000 for WhatsApp, what will the social networking giant start doing with your WhatsApp data to recoup that enormous sum?
That’s what privacy groups got into a flap about recently, filing a complaint with the US authorities based around that very question:
WhatsApp built a user base based on its commitment not to collect user data for advertising revenue. Acting in reliance on WhatsApp representations, Internet users provided detailed personal information to the company including private texts to close friends. Facebook routinely makes use of user information for advertising purposes and has made clear that it intends to incorporate the data of WhatsApp users into the user profiling business model.
As we reported after news of the complaint broke, WhatsApp’s CEO, Jan Koum, tried to assuage everyone’s fears by saying publicly that:
Respect for your privacy is coded into our DNA, and we built WhatsApp around the goal of knowing as little about you as possible.
Since corporate respect for privacy almost certainly isn’t a genetic trait, the DNA metaphor was probably a bad place to start.
Furthermore, WhatsApp was investigated and censured in 2013 for a number of privacy violations, following a joint investigation of its practices by Canadian and Dutch regulators.
So much for WhatsApp’s “corporate DNA.”
In any case, the privacy complaint isn’t about WhatsApp’s corporate DNA.
It’s about Facebook, the service’s new owners.
As one commenter here on Naked Security sceptically pointed out:
Mr. Koum can believe whatever he wants, but if Zuckerberg paid the piper, he's calling the tunes.
Slightly more curiously, another commenter suggested that:
Someone's really unhappy with the WhatsApp change, because I've seen the AES key needed to decrypt WhatsApp chats floating around my Twitter stream.
What’s that about cryptography problems in WhatsApp?
We wrote in 2013 about two cryptographic blunders by WhatsApp, where the company started off by using encryption keys that were predictable, then “improved” its session encryption, but inadvertently turned a one-time pad into a two-time pad.
The AES key mentioned above is part of a different problem, and was first circulated on Twitter back in 2012.
But the key received a new burst of publicity when it was rediscovered on 11 March 2014, or at least republicised, by a Dutch blogger, Bas Bosschert
As Bosschert reported, the Android version of Whatsapp stores a backup of your chat history in a database file on your SD card.
Many Android apps use your SD card for user data: SD cards are generally more spacious than the flash storage built into a mobile device; they can also be upgraded as needed; and they often have faster read/write speeds as a result.
But SD card file systems on Android live outside each app’s sandbox, and thus effectively act as insecure shared storage.
What one app saves to yor SD card, any other app (assuming it has SD card permissions) can read back in.
WhatsApp’s solution was to encrypt your chat history using AES.
Sadly, the company used a hard-wired key that was the same for every user.
The right way to do it, of course, is to generate a random key for each user when the app is installed, and keep the key in private storage where other apps can’t easily grab hold of it.
This has the additional benefit that the app can easily be made to work without storing the key anywhere at all.
You can allow the user to choose convenience (save the key in private storage where a determined attacker might be able to recover it) or security (ask for a passphrase every time the app starts, so the key is only ever stored in RAM).
According to Bosschert, WhatsApp did update its software after his initial article, but instead of using a securely stored random key, decided to use each user’s account name – data that other apps can fairly easily retrieve, just as they can read SD storage.
I had hoped to reproduce Bosschert’s results myself in order to confirm that WhatsApp’s code is still the same [2014-03-19] as when he wrote his article.
But you can only install WhatApp if you hand over your mobile phone number and let WhatsApp send you an SMS with an activation code.
Curious indeed for an app that aims to liberate you from SMS-based text messaging, and for a company that aims to know as little as possible about you.
→ In many countries, regulations require that all mobile phone numbers be registered against a user whose identity is formally recorded. Some jurisdictions even require proof of address before allowing you to buy a SIM card.
It certainly sounds as though “respect for privacy” isn’t a given at WhatsApp yet.
Ironically, as Dan Goodin over at at Ars Technica noted recently, Facebook’s coders might be just the people to help breathe some cryptographic life into WhatsApp.
That’s because Facebook recently released an open source project for Android entitled Conceal, providing exactly the sort of secure SD card storage functionality WhatsApp could do with in its Android app.
And that raises an interesting trilemma: will Facebook end up reducing the privacy of WhatsApp, or improving it, or a bit of both?
I stopped using Whatsapp the day it was bought by FB.
same
What others me about Facebook is how much they already know about me, even though I don’t have an account. The Whatsapp deal is just an extension of that.
The first question that comes to mind is, “Was the AES key leaked, or did someone crack it?” And if it was cracked, it must have been a very weak key…and that’s in addition to the injudicious practice of using a hard-wired key that was the same for every user in the first place. Add them all up, and I’d say that if Whatsapp has privacy in its DNA, it must be a recessive trait.
But it’s all moot now. Whatever nominal security Facebook might add in cryptographic chops, Whatsapp users’ privacy is now in the hands of someone (Mr. Zuckerberg) who is on record as saying his users are “dumb f_cks”. His persistent refusal to make Facebook’s interminably intrusive “features” opt-in rather than opt-out tells you all you need to know about his privacy DNA.
So, overall, I’d say it’s case 3 (“both”) of the trilemma, with a net loss of privacy for Whatsapp users. I mean, hey…it’s Facebook, the antithesis of privacy.
The key wasn’t “leaked” or “cracked” but simply extracted from the app. The key is hard wired, so every installed copy of the app has a copy of the key – and that key is the same every time.
So a soon as one person has extracted it, everyone knows it (or can find out, e.g. by looking on Twitter 🙂
Technically, I suppose you could say that the key was “leaked” by WhatsApp’s programmers and “cracked” by the first person to extract it from the app, but that makes the level of security sound much better than it was.
I am so glad I did not sign into WhatsApp’s program,I used my head,,did some hard thinking,,and boy am I happy,,I DO have Facebook,they are the best from the rest,I had that feeling,like yeah,right,, questions from left to right ”get WhatsApps”,go ahead they safe,I have nothing to hide from anyone,not even facebook,I am who I am,say what I please as long as nothing is said on the Family Line Im fine..I keep my eyes open and mouth shut!!! thanks much facebook…