We live in a world where the faster and better communication is the happier we are as consumers. One of these ways to be able to communicate faster is through an application called WhatsApp and also the newly launched eBuddy XMS. Both of these applications bring a unique way to be able to communicate quickly in this fast paced world we live in.
While WhatsApp brings a Blackberry Messaging experince to phones and is an overall great idea, there is an issue regarding a security hole. According to reports from Spanish and Dutch language websites that there is a security hole within the application. The security flaw happens to be with the authentication process which allows your messages to be read by almost anyone that has a prepaid phone and a WiFi connection.
This story was first reported or at Tweaker.net via GeenStijl and since then more information has surfaced. This is how it started:
- The verification process consists of signing up with a phone number, then WhatsApp sends a text message to the entered number.
- If verification is sent from a mobile device that is pre-paid, but does not have pre-paid time, the message will be stuck in a queue.
- Due to a hole in the process, even if the text message is not received and then replied to, WhatsApp still verifies the device and allows the receipt of WhatsApp messages, as well as the display of the numbers from which the messages were sent.
There are two sides to this issue. First, WhatsApp uses port 443 which is commonly used for encrypted traffic, however the information that is being sent through the port does not have any type of security attached to it. Secondly, once the information has been transmitted , it an easily be picked up by anyone that may be searching ports through public WiFi. What happens when all this takes place is the information being sent can be intercepted. These includes voice, text and images. What makes this issue even worse is the fact that since the information comes from a different number, the second number can also be intercepted and hijacked.
WhatsApp does inform users when they have signed up for service on a new device, however, the message will only get sent to the newer of the devices. Due to this issue a hijacked user will not even know that they have been hijacked.
Now just in case you happen to use this application and decide to switch up to one that is a safer you may be happy to hear that the creators of eBuddy have announced the worldwide launch of their new global application eBuddy XMS.
This application is free to use and brings users of iOS and Android the ability to send and receive messages in real time. The biggest benefit is it is completely secure!
it is very simple to use and add friends. You can simply add friends by scanning your phone book and Facebook profiles along with being able to simple send them an invite through SMS, email, Twitter or Facebook. Another benefit of this messaging application is the personalization options that are available. These include picture sending and receiving along with over 100 different emoticons.
This application is already available in the Android Market via this link.
Let us know your thoughts on these two applications and as soon as we know more regarding WhatsApp we will be sure to update you.