Even in the most protected messengers have their own vulnerabilities. According to the newspaper the Mirror, the WhatsApp vulnerability was discovered, through which users of Android, iPhone and Windows Phone can read even deleted messages.
Removed, but not forever
WhatsApp has a function that allows the user for hours to quickly remove the message, for example, sent by mistake. Thus, the sender usually sure that the remote message no one will ever read.
As it turned out, there is a way to know what was in those, not available, messages for backup. Reported by the Mirror.
Most users of smartphones based on Android, iOS and Windows Phone this feature is enabled by default — she starts work at two o’clock every day. If the person has deleted the message, and the recipient will have to read it, it is possible to exploit this vulnerability, the application and remove WhatsApp from your phone.
After that you need to re-install messenger on your device. The system will automatically restore all chats with the help of backup, including deleted messages, which again will be visible to all participants in the conversation.
The fact that these messages disappear from chat, but are still stored on the gadget. When the application is reinstalled, it automatically ceases to count them removed.
In addition, according to the Mirror, messages missing from chat can still be read using the notification system on Android. This will require a third-party application that allows you to intercept these alerts.
The publication notes that this vulnerability is only temporary, as the tech support WhatsApp will soon release a patch that will eliminate this bug.
However, at the time of this writing, this problem still persists.
Earlier it became known that WhatsApp has restricted the sending of messages in the fight against fake news. Users can now redirect any the news up to five times.
The limit will reduce the number of users who can receive the same message, up to 1280 people, because the maximum capacity of one chat WhastApp is 256 users.
“This will help users to focus on WhastApp private conversation with loved ones. We will continue to get feedback from users about their experiences, and, over time, introduce new ways of dealing with viral content,” — said Vice-President of the company Victoria Grand.
Representative of the platform said that the limit is “a reasonable rate”, which will allow you to stay connected with family and friends, but will help to reduce the abuse of messenger.
The wire Willy-nilly
Recently the media reported about another nasty vulnerability. We are talking about the FaceTime app, with which users of iPhone, iPad and MacBook can connect with each other via video link.
The bug works as follows — the user starts a video call using FaceTime, swipe area at the bottom of the screen and select “add person”. After that, it writes its own number, which the app starts a group call. From this moment, the user hears everything that is happening near the phone, his interlocutor, even if he hasn’t received a call.
Thus, any attacker can install a wiretap of another Apple device, the owner of which will not even suspect about it.
Meanwhile, Apple has already released an official statement in which he acknowledged the problem and promised to release a patch in the very near future.
“We know about this vulnerability and released a patch, which will be available along with a system upgrade before the end of this week,” said a company representative.
Meanwhile, experts recommend to temporarily remove FaceTime until the patch is ready and available for all Apple users. It is reported that the problem with unauthorized wiretapping, most likely, lies in the function group calls to FaceTime, which was launched in November 2018. At the time of publication of the material group calls in the application unavailable for users around the world to avoid abuse of this vulnerability.
Read more •••