Facebook can read your private WhatsApp conversations and snooping governments might be having a look too.
Privacy campaigners say the chilling revelations are a “huge threat to freedom of speech” and claim that governments might exploit it.
A vulnerability in how the popular messenger secures communications allows Facebook and other agencies to intercept everything you write, a chilling study has found.
Facebook – who owns WhatsApp – has previously said that nobody can intercept its billion-plus users’ messages.
However, a security researcher recently discovered that might not be the case, thanks to the way they are encrypted.
Tobias Boelter, a cryptography and security researcher at the University of Berkeley, spotted the flaw back in April 2016.
After alerting the social network he was told that there would be no further investigations and the backdoor still remains.
There are also fears government agencies could intercept your private chats too.
Boelter told The Guardian: “If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys.”
A WhatsApp spokesperson said: “Over one billion people use WhatsApp today because it is simple, fast, reliable and secure.
“At WhatsApp, we’ve always believed that people’s conversations should be secure and private. Last year, we gave all our users a better level of security by making every message, photo, video, file and call end-to-end encrypted by default. As we introduce features like end-to-end encryption, we focus on keeping the product simple and take into consideration how it’s used every day around the world.
“In WhatsApp’s implementation of the Signal protocol, we have a “Show Security Notifications” setting (option under Settings > Account > Security) that notifies you when a contact’s security code has changed. We know the most common reasons this happens are because someone has switched phones or reinstalled WhatsApp. This is because in many parts of the world, people frequently change devices and Sim cards. In these situations, we want to make sure people’s messages are delivered, not lost in transit.”