WhatsApp messages could be read by hackers, security experts warn, if backed up to Google Drive
The latest security warning comes as the Facebook-owned chat app announced plans to start backing up users' messages to Google Drive for free.
Although WhatsApp protects all sent messages, images, videos and documents with end-to-end encryption, opting to back-up with Google Drive stops this security practice – leaving texts exposed to online hackers.
WhatsApp has long allowed people to store their messages in Google Drive.
Until now, these back-ups counted towards users' Google Drive storage limit. However, WhatsApp recently announced a partnership with the company that means back-ups will no longer be counted toward their Google Drive allowance. This means more people will likely take advantage of the feature, leaving more people potentially exposed.
What's interesting to me is that the messages are decrypted and sent to Google Drive. The ideal is to have messages encrypted with your own key, and if you lose your password your messages are lost forever. The moment a third party can reset your password (and retain access to data), or can decrypt your data, or can search your data, it means you are not in full control of your data. You either have security or you don't have it – there is no half security. Assuming in this WhatsApp case the data is still transferred via SSL to your Google Drive it may not be intercepted by another 3rd party, but it is unencrypted on Google Drive which means Google's search can see the information (and anyone else who manages to hack your Google account). SpiderOak and others encrypt locally and store in encrypted format with your one encryption key – they (or anyone else) just cannot access that information.
 |
WhatsApp messages could be read by hackers, security experts warn | IOL Business Report Hackers could soon read through your WhatsApp text messages, images and videos. |