WhatsApp bug shows private pictures to strangers

WhatsApp bug shows private pictures to strangers

A security problem in WhatsApp means that anyone can see users’ profile photos, even if they have been set to be viewable to friends only, according to security researchers.

The problem, which was found by 17-year-old security researcher Indrajeet Bhuyan, seems to be a result of the phone app not being properly synced with the new web interface.

Users are able to set WhatsApp so that it only shares their profile photo with people they have as contacts. But the bug allows people to get around that and see the profile photos of strangers.

The web app also allows users to see photos that have since been deleted. On the phone app, those photos get blurred out — but on the web they seem to remain clearly forever.

“Sure, it’s not the most serious privacy breach that has ever occurred, but that’s missing the point,” wrote security expert Graham Cluley in a blog post on the bug. “The fact of the matter is that WhatsApp users chose to keep their profile photos private, and their expectation is that WhatsApp will honour their choices and only allow their photos to be viewable by those who the user has approved.”

WhatsApp has been committed to ensuring security and privacy for its users, recently introducing end-to-end encryption.

The apps web client was introduced on January 21. While many were excited to finally be able to read and respond to messages from their PC, it also disappointed other users with its limited compatibility and functions.

Bhuyan has found holes in WhatsApp before, previously finding a way of forcing the app to crash on Android phones by sending a small message to users.

Related Post

YouTube for Artists offers tools to launch your online music career
views 59
YouTube can be a powerful tool for emerging musicians, offering a direct line to fans and always teasing the possibility of a surprise, viral hit.&nbs...
Sony investigators says cyber attack was ‘unparalleled’ crime
views 40
Los Angeles: Forensics experts hired by Sony Corp to investigate the massive cyber attack at its Hollywood studio said the breach was unprecedented, w...
Samsung unveils the Galaxy A8 – its slimmest ever phone (Pictures)
views 57
The Galaxy A8 is 5.9mm (0.23in) thick, making it less than 85% the thickness of Samsung's flagship Galaxy S6 Edge. The phone features an all-metal bod...
Heat your house for free with servers
views 70
Not a PR stunt but a genuine offer, Cloud&Heat seeks a mutually beneficial relationship with homeowners, whereby you house their servers for free but ...
25,000 users to sue Facebook over breach of privacy
views 70
A data privacy campaigner Max Schrems accused Facebook of violating European Union laws in a class action over online privacy gathering support of 25,...

SHARE WHAT YOU THINK