Telegram's Durov has penned strong words about how bad WhatsApp's data privacy rules are
Pavel Durov, the mastermind behind the WhatsApp rival and one of the highly-acclaimed apps for privacy protection – Telegram, has spoken up following the debacle circling the security loopholes in WhatsApp. After an NSO Group-owned firm, based out of Israel, injected spyware to WhatsApp to test if it can be hacked, Facebook confirmed the breach and urged WhatsApp users to update the app immediately. Taking a cue, Durov shared the sentiment in a blog post titled “Why WhatsApp Will Never Be Secure”.
Telegram co-founder, who hails from Russia, called out how badly the user privacy is handled by WhatsApp. The official confirmation that a single call on WhatsApp can be used to intrude the users’ data from Facebook sent shivers down WhatsApp users’ spine. But Durov says he was not surprised, as the latest security flaw is just a part of many failures of WhatsApp in securing the data of its users. “Looking back, there hasn’t been a single day in WhatsApp’s 10-year journey when this service was secure.”
Why WhatsApp will never be secure https://t.co/kHfTiWdNQw
— Pavel Durov (@durov) May 15, 2019
WhatsApp’s latest run-in with a major security breach is not news – it has, in the past, fallen prey to sponsored and malicious attacks in one form or the other. By the time one loophole is patched, another one crops up alarmingly. “Every time WhatsApp has to fix a critical vulnerability in their app, a new one seems to appear in its place,” Durov wrote.
No matter how much Facebook oversells the end-to-end encryption on WhatsApp, Durov believes that it’s a deliberate action on the company’s part. Facebook knowingly hides the source code, which poses a challenge to security researchers in determining underlying vulnerabilities. Leveraging how tightly-packed the source code is, the company could create backdoors for the governments and hackers to bypass the security on the app.
The measure in question is end-to-end encryption that WhatsApp relies on to act as a firewall between the user data and hackers. But contrary to Facebook’s claims, security experts have time and again expressed their concern on the extent of this technology as a standalone measure to fight hacking attempts. “All of their security issues are conveniently suitable for surveillance, and look and work a lot like backdoors,” Durov said in the post.
In addition to the criticism, Durov has some suggestions for WhatsApp if it wants to become as secure as Telegram is. Durov claims Telegram did never have a significant security flaw or a data leak “of the kind WhatsApp demonstrates every few months” in its six years of existence. If WhatsApp wants to overcome these mishaps, it may as well risk losing some of its markets, in addition to countering the government in “their home country.” But WhatsApp is not ready, according to Durov.