Open Whisper Systems the creator of WhatsApp has vehemently denied The Guardians report that WhatSapp has a backdoor in their product. WhatsApp uses end to end encryption to secure messages. They use a public and private key pair for security.
The Guardian story claims that their is a security vulnerability via FaceBook that would allow people to read these encrypted messages. FaceBook also denies that there is a WhatsApp backdoor. These keys change every time a user either installs this software or gets a different device.
WhatsApp has a notification feature of these changes, that can be turned off or on. Even if a message gets sent between device change and or application installation, WhatsApp is supposed to notify of changes and end user can encrypt this message again. Also, messages that have already been sent, cannot become encrypted and sent again.
Open Whisper Systems claims that The Guardian never asked for them to comment, pertaining to this security matter. Also, this company claims that they have tried to contact individuals at The Guardian to no avail.
The Guardian claims that their is indeed a backdoor that is potentially open to FaceBooks’ one billion users. Also, they claim that this could allow governments and intelligence agencies to spy on individuals communications. This story claims that Open Whisper Systems has an ability to force users to encrypt and resend messages.
This allegedly would allow WhatsApp employees to read these messages. This security vulnerability was first noticed by Tobias Boelter, a cryptography and security researcher from the University of California, Berkeley. He is quoted as saying:
“If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys.”
Tobias supposedly notified FaceBook, in April of two thousand sixteen, of this security hole, but FaceBook never actively worked on rectifying this problem. Finally, FaceBook admitted to this security loophole and yet did not try to fix it.