Untitled attachment

Notices where this attachment appears

1. Fa Conti (faconti@quitter.se)'s status on Tuesday, 30-Jan-2018 04:35:19 UTC Fa Conti
   #WhatsApp Security Flaws Could Allow Snoops to Slide Into Group Chats - 
   http://qttr.at/21ph  -
   RT @internetlabbr #invasao #seguranca
2. rugk -> ⚠️ Follow me at https://social.wiuwiu.de/@rugk (rugk@gnusocial.de)'s status on Tuesday, 16-Jan-2018 20:55:42 UTC rugk -> ⚠️ Follow me at https://social.wiuwiu.de/@rugk
   BTW, the news just going around the group chat vulnerabilities in major crypto protocol were public in July 2017 (see my own summary below; which is still valid AFAIK). Good explanation on https://www.wired.com/story/whatsapp-security-flaws-encryption-group-chats/
   
   Seems news outlets need talks (RealWorldCrypto in Swizerland) to notice such things… :)
   And authors seem to revised their paper in 2018, too.
   
   @rugk
   https://gnusocial.de/notice/10788447 !threema 
3. தோட்டக்காரன்(gardener) (solariiknight@social.systemreboot.net)'s status on Friday, 12-Jan-2018 15:34:28 UTC தோட்டக்காரன்(gardener)
   The German researchers say their WhatsApp attack takes advantage of a simple bug. Only an administrator of a WhatsApp group can invite new members, but WhatsApp doesn't use any authentication mechanism for that invitation that its own servers can't spoof. So the server can simply add a new member to a group with no interaction on the part of the administrator, and the phone of every participant in the group then automatically shares secret keys with that new member, giving him or her full access to any future messages. (Messages sent prior to an illicit invitation, fortunately, still can't be decrypted.)
   https://www.wired.com/story/whatsapp-security-flaws-encryption-group-chats/