In 2016, WhatsApp announced it was rolling out “end-to-end encryption” but is the company doing what it claims to be doing?
Back in April 2016, when “WhatsApp Inc” announced it was rolling out “end-to-end encryption” (E2EE) for its billion-plus strong user base as a default setting, the messaging behemoth signaled to its users it was at the forefront of providing technological solutions to “protect privacy.”
Emphasized in the security “white” paper explaining the implementation of the technology is the encryption of both forms of communication – one-to-one and group and also of all types of messages shared within such communications – text as well as media.
Simply put, all communication taking place over “WhatsApp” would be decipherable only to the sender and recipient, it would be “virtual gibberish” even to WhatsApp.
This announcement came in the backdrop of Apple locking horns with the FBI after being asked to provide a backdoor to unlock the San Bernardino mass shooter’s iPhone. This further reinforced WhatsApp Inc’s stand on the ensuing debate between the interplay of privacy and security in the digital age.
Kudos to WhatsApp, for there is growing discussion around how encryption and anonymity is central to enabling secure online communication which in turn is integral to essential human rights such as those of freedom of opinion and expression.
WhatsApp may have taken encryption to the masses, but here we outline why WhatsApp’s provisioning of privacy and security measures needs a more granular analysis. Security issues with WhatsApp’s messaging protocol certainly are not new.
A study published by a group of German researchers from Ruhr University highlighted issues with WhatsApp’s implementation of its E2EE protocol to group communications. Another paper points out how WhatsApp’s session establishment strategy itself could be problematic and potentially be targeted for what are called “man-in-the-middle” (MITM) attacks.
An MITM attack takes the form of a malicious actor, as the term suggests, placing itself between the communicating parties to eavesdrop or impersonate. The Electronic Frontier Foundation also highlighted other security vulnerabilities, or trade-offs, depending upon ideological inclinations, with respect to WhatsApp allowing for storage of unencrypted backups, issues with WhatsApp’s web client and also with its approach to cryptographic key change notifications.
Culling out larger issues with WhatsApp’s privacy policies is not the intention here. What we specifically seek to explore is right at the nexus of WhatsApp’s security and privacy provisioning clashing with its marketing strategy: the storage of data on WhatsApp’s servers, or “blobs,” as they are referred to in the technical paper.
In WhatsApp’s words: “Once your messages, including your chats, photos, videos, voice messages, files and share location information, are delivered, they are deleted from our servers. Your messages are stored on your own device.”
In fact, this non-storage of data on their “blobs” is emphasizes at several other points on the official website. Let us call this the deletion-upon-delivery model.
While drawing up a rigorous proof of concept, made near-impossible thanks to WhatsApp being a closed source messaging protocol, a simple experiment is enough to raise some very pertinent questions about WhatsApp’s outlined deletion-upon-delivery model.
It should, however, be mentioned that the Signal Protocol developed by Open Whisper Systems and pivotal in WhatsApp’s rolling out of E2EE is open source. Here is how the experiment proceeds:
Rick sends Morty an attachment. Morty then switches off the data on her mobile device. Rick downloads the attachment, an image. Subsequently, Rick deletes the image from his mobile device’s internal storage.
Rick then logs into a WhatsApp’s web client on his browser. Prior to this experiment, both Rick and Morty had logged out from all instances of the web client. Upon a fresh log-in to the web client and opening the chat with Morty, the option to download the image is available to Rick.
The experiment concludes with bewilderment at WhatsApp’s claim of deletion-upon-delivery as outlined earlier. The only place from which Morty could have downloaded the image would be from Facebook’s “blobs.” The attachment could not have been retrieved from Morty’s mobile device as it had no way of sending data and neither from Rick’s mobile device as it no longer existed in the device’s storage.
Another straightforward experiment that leads to a similar conclusion is seeing the difference in time taken for a large attachment to be forwarded as opposed to when the same large attachment is uploaded. Forwarding is palpably quicker than uploading afresh: non-storage of attachments on the “blob” would entail that the same amount should be taken for both.
The “Signal Protocol” is the undisputed gold standard of E2EE implementations. It is the integration with the surrounding functionality that WhatsApp offers which leads to vulnerabilities. After all, a chain is only as strong as its weakest link. Assuming that the attachments stored on the “blobs” are in encrypted form, indecipherable to all but the intended recipients, this does not pose a privacy risk for the users from a technological point of view.
As we were putting the final touches to this piece, news from WABetaInfo, a well-reputed source of information on WhatsApp features, has broken that newer updates of WhatsApp for Android are permitting users to re-download media deleted up to three months back.
As the aphorism goes: “When the service is free, you are the product.”