In the largest Silicon Valley acquisition of all time, Facebook recently bought the popular cross-platform app WhatsApp for $19 billion. The move underscored the increasing centrality of mobile messaging services that have evolved from simple SMS alternatives into fully-featured platforms capable of exchanging photos, videos and themed stickers, as well as hosting video games, facilitating e-commerce and enabling HD voice calls.
These apps are now among the most heavily used and easily monetized software on iOS and Android, and they have unsurprisingly drawn the attention of established companies. Not long before the WhatsApp acquisition, voice/text app Viber was bought by Japanese e-commerce firm Rakuten, and Apple, Google and Microsoft all currently offer their own OTT solutions in the form of iMessage, Hangouts and Skype, respectively.
Given the enormous volume of messages that these services handle each day, ensuring their security is, or at least should be, of paramount importance to their makers. There's good news on this front, such as Apple's use of a different private key for each device that receives an iMessage, but there are still plenty of holes elsewhere.
In particular, WhatsApp's meteoric rise disguised its ongoing struggles with outages and lax enforcement of encryption. These oversights may be par for the course for startups that have to quickly scale operations to meet demand, but they're dangerous for users all the same. For the first three years of its existence, WhatsApp transmitted messages in plaintext, making it possible for almost anyone to pick up on messages in transit.
Although WhatsApp has recently taken steps to rectify these issues (and the Facebook acquisition may lead to new seriousness about security), the app still has enough issues, real and perceived, to concern consumers. Many users have already flocked to alternatives such as Telegram that have made privacy and end-to-end encryption some of their top marketing points. Ideally, the flaws of WhatsApp will get software makers and security providers thinking about how to ensure that mobile messaging apps are both usable and safe.
WhatsApp's history of security troubles
From 2009 to 2012, WhatsApp didn't use encryption. This oversight was so well known that someone created an Android app called WhatsAppSniffer that could intercept messages sent by any user on the same Wi-Fi network.
WhatsAppSniffer was more of a proof-of-concept than a tangible threat to privacy, but nevertheless, it presaged the specific interest that intelligence agencies would eventually take in messaging services, as well as the general risk of conducting high-volume communications in plaintext. WhatsApp was finally pushed to secure its messages after Dutch and Canadian officials announced investigations into the app's practices, but it didn't implement everything correctly.
Rather than use end-to-end protection, WhatsApp employed encryption that utilized the same key for incoming and outgoing messages. This move is a classic encryption error that got Soviet intelligence agencies into trouble in the 1950s and caused headaches with VPN software for Microsoft in the 1990s. Last autumn, a Dutch software developer noticed that WhatsApp may have been falling into the same trap.
"RC4 is a PRNG [pseudo-random number generator] that generates a stream of bytes, which are xored with the plaintext that is to be encrypted," stated Adium messaging client lead developer Thijs Alkemade, according to PCWorld. "By xoring the ciphertext with the same stream, the plaintext is recovered."
Similarly, WhatsApp's encryption implementation supported version 2 of the SSL protocol until recently, which opened up a number of vulnerabilities to man-in-the-middle attacks. While this flaw appeared to have been addressed by late February, researchers still found evidence that WhatsApp was not enforcing SSL pinning, the practice of hardcoding a certificate into an app so that it will work only with servers using that certificate and reject any imposters.
Certificate pinning came to the fore several years ago, when its implementation in the Google Chrome browser revealed a fraudulent certificate signed by a legitimate authority. The false certificate was nominally protecting the transmissions of some Gmail users. By not implementing it, WhatsApp is putting the privacy and sensitive data of its users in danger.
"This is the kind of stuff the NSA would love," Praetorian's Paul Jauregui wrote in a company blog post. "It basically allows them – or an attacker – to man-in-the-middle the connection and then downgrade the encryption so they can break it and sniff the traffic. These security issues put WhatsApp user information and communications at risk."
The broader privacy and security risks of WhatsApp's practices
Encryption wasn't the only issue that Dutch and Canadian authorities discovered – perhaps their most notable revelation was that WhatsApp's internal encryption could be cracked in under 5 minutes using a standard desktop PC. For example, WhatsApp requires users to upload their entire phone books to discover others that use WhatsApp, and it retains the numbers even for non-users while not anonymizing them, creating a real privacy issue.
These types of risks are naturally magnified by the fact that WhatsApp had more than 400 million regular users even prior to its acquisition by Facebook. Although the service hasn't been hit with a devastating attack so far, its vast scale invites a high level of attention from both would-be attackers and regulators. The silver lining here may be that security experts and authorities are usually out in front of any potential weakness in WhatsApp.
For instance, a German data commissioner pointed out that WhatsApp may be non-compliant with European information security regulations. Rivals such as Telegram have gotten a boon from the revelations about WhatsApp in the wake of the Facebook acquisition. Telegram, with its ad- and subscription-free business model and full encryption, went from 100,000 average daily users a few months ago to briefly being the top iPhone app in almost 50 countries.
Moreover, steering clear of WhatsApp's risks isn't difficult. While users have many alternatives, WhatsApp itself could probably be easily fixed by prioritizing security during mobile app development. As Jauregui pointed out, mobile is a new frontier for many developers, and many of them don't have much experience with techniques such as certificate pinning. It's up to the security community to help guide app makers toward more secure practices, so that services such as WhatsApp continue to be valuable tools.