"Hackers could have full access (!) to everything on the phones of WhatsApp users.
"Hackers could have full access (!) to everything on the phones of
WhatsApp users.
[...] IN theory a compromised appplication could only
access resources the operating system is willing to
conceede to it. That is why you are supposed to give
permissions to applications to access this or that feature
of the phone.
My understanding of the vulnerability is that Whatsapp is
allowing full access despite user-controls, when a user is
tricked into a video conference or accepts some file delivery.
And.. meanwhile, Whatsapp stores the user passwords in the
clear.
i didnt follow the link but i looked it upon my own. they
dont think anybody knew about this issue and it was
patched. who knows if that's correct. it's from sending a
video file that allows remote code execution.
what do you mean whatsapp stores user passwords in the clear?
they are encrypted.
what do you mean whatsapp stores user passwords in the clear?
they are encrypted.
One of the other articles mentioned that up until 2016 the app
didn't encrypt the pw or manage the keys properly.
Sysop: | Kurt Hamm |
---|---|
Location: | Columbia, SC |
Users: | 8 |
Nodes: | 20 (0 / 20) |
Uptime: | 135:43:56 |
Calls: | 2,804 |
Calls today: | 1 |
Files: | 64 |
Messages: | 854,509 |