Facebook has responded to 'potential' security flaws discovered and reported by a cybersecurity firm Check Point Research that it said could allow hackers to alter your WhatsApp messages. In its statement and detailed explanation to Republic World, Facebook said it reviewed the issue last year and it is false to suggest there is a vulnerability with existing WhatsApp security.
"We carefully reviewed this issue a year ago and it is false to suggest there is a vulnerability with the security we provide on WhatsApp. The scenario described here is merely the mobile equivalent of altering replies in an email thread to make it look like something a person didn’t write. We need to be mindful that addressing concerns raised by these researchers could make WhatsApp less private - such as storing information about the origin of messages," Facebook spokesperson told Republic World.
In its detailed explanation to Republic World, Facebook also offered some additional background to issues described by researchers. Facebook denied 'vulnerability' claims made by researchers and said end-to-end encryption remains safe. Facebook also said this report by Check Point Research does not challenge the Signal protocol.
"This is not a vulnerability. When someone replies to a message, the WhatsApp client copies the text available within the app and creates a kind of graphical representation that helps people follow the conversation. When a user taps on this “quick reply” it will reference the previous message within the chat thread - to help identify its source within the chat log if it exists," Facebook said.
Facebook also explained changes suggested by Check Point would require WhatsApp to log all messages, which is something it does not want to do for the privacy of its users. It would also require WhatsApp to make it impossible to deliver messages to groups when a single person was not connected to the internet, which would have serious usability problems.
Additionally, Facebook also explained changes suggested by Check Point Research would also require WhatsApp to Prevent the ability for users to quote reply a message sent prior to a new group member joining.
"People always have the option of blocking a sender who tries to spoof messages and they can report problematic content to us. We also work to ban accounts trying to change WhatsApp and use it to spam users," WhatsApp said.