Did you always thought that nobody could read your messages that are being sent via WhatsApp? Think again, cause a small test shows that other people can view usernames, phone numbers and text messages by using a simple network sniffer like Wireshark. The application gives the impression that the connection is secured with an SSL encryption, but this is not the case. The messenger service has already stated that it will investigate the leak.
You don’t have to think that this is the end of the world, cause most emails are being sent unencrypted over the network as well and can be easily viewed with tools like Wireshark. But the problem is that WhatsApp gives the impression that the message is getting encrypted when its being sent over, their website shows that they are using SSL. But the implementation of SSL isn’t done perfectly. The application uses the port 443 for https, but that doesn’t really matter cause the message is still being transferred unencrypted. Which means that if you are on the same network, you can view telephone numbers, usernames and even messages in plain text.
Should I stop using WhatsApp?
That is of course your own decision, but the leak isn’t something really new, but you may want to watch out if you are on an unsecured network, if you are on 3G it is perfectly fine. On your own network at home or at work it isn’t likely that someone will sniff through your traffic data, but you can never be sure. So if you want to be perfectly safe, stay on 3G, or just be careful.
WhatsApp has said that they will be investigating the matter. If you still are afraid that your WhatsApp messages will end up in the wrong hands, you can switch to an alternative messenger. Skype messages are encrypted with a 256-bit AES encryption key.
Moo
Check out “www.geenstijl.nl”. use google translate. Someone found a way way bigger hack to WhatsApp that allows you to actually take over *any* WhatsApp account in the entire world… There is a video demonstrating it.
Corey Brookehoven
Thanks for the tip, but this only seems to work on those old Symbian phones, if an iPhone application sends out a text message it will not show up in the normal inbox. Not sure about BlackBerry or Android, will try to test it out tomorrow.