您现在的位置是:探索 >>正文
【】
探索23人已围观
简介Last week, The Guardianpublished a bombshell "exclusive" report claiming to reveal disturbing inform ...
Last week,The Guardianpublished a bombshell "exclusive" report claiming to reveal disturbing information about a "backdoor" into WhatsApp's encrypted messaging platform. According to the story, the vulnerability could potentially expose the service's user base of over a billion to "snooping" by prying eyes.
SEE ALSO:Sad! Trump reportedly forced to give up the phone he tweets withThe article was met with near-immediate backlash from information security experts and cryptologists, who took to Twitter to voice their complaints. Many alleged the article misrepresented a feature of the encryption WhatsApp's parent company, Facebook, called "expected behavior."
Statements from WhatsApp and Open Whisper Systems, the development team behind WhatsApp's encryption, decried the story as well, calling it "false" and "disappointing."
Now, many of those critical voices are calling for action. An open letter signed by 40 security experts requests that The Guardianretract the story, issue an apology and make efforts to ensure that similar reports won't be filed in the future without proper due diligence.
Secure communication is crucial. Plea from cryptographers & researchers on Guardian's irresponsible WhatsApp piece: https://t.co/4r2QAuByrf pic.twitter.com/YB0Y2PrPzj
— Zeynep Tufekci (@zeynep) January 20, 2017
The letter addressed to the "GuardianEditors" was written by sociologist Zeynep Tufekci, who characterizes the report as being "the equivalent of putting 'VACCINES KILL PEOPLE' in a blaring headline over a poorly contextualized piece."
She later claims the story has already led to real-world ramifications, citing reports of the Turkish media labeling WhatsApp as unsafe, prompting concerned users to move their vulnerable communications to "services that are strictly less secure than WhatsApp."
"People’s lives and safety are at stake," she writes.
Thanks to Guardian's irresponsible & baseless WhatsApp reporting, I'm flooded w reports of vulnerable folk switching to less secure options.
— Zeynep Tufekci (@zeynep) January 16, 2017
According to Tufekci, the problem here isn't just the tone of The Guardian's story — the information contained within is either willfully or unintentionally misleading its audience.
"The behavior described in your article is not a backdoor in WhatsApp [emphasis hers]," she writes, claiming that her position holds the "overwhelming consensus of the cryptography and security community."
The Guardian's article cites findings from UC Berkley doctorate student Tobias Boelter. He claims that WhatsApp's vulnerability stems from its end-to-end encryption's handling of messages sent to offline users in the event of a change of phone or SIM card. Rather than requiring its users to reconfirm their security keys in order for the message to be received, WhatsApp sends along the undelivered message automatically, informing the recipient afterward that the security key changed.
He (and then The Guardian) compared that system to another secure messaging app, Signal, which is held by many to be the gold standard for end-to-end encryption. Rather than letting the messages through, Signal blocks them until the keys can be reconfirmed.
That said, Signal and WhatsApp's end-to-end encryptions use the same protocol from Open Whisper Systems — this is the only way their systems differ.
And according to Tufecki, this isn't a "backdoor" — it's a means to increase reliability for WhatsApp users, who often have different priorities than those depending on Signal. "The very thing that makes Signal a recommendation for people at high risk — that it drops messages at any sign of hiccup — prevents a large number of ordinary people from adopting it," she writes.
She calls Boelter "a single well-meaning graduate student," whose inexperience and enthusiasm at finding a potential issue with one of the world's most popular app's security likely led him to "overestimate the practical impact" of the vulnerability.
Rather than holding him responsible, she criticizes The Guardianfor its lack of due diligence in confirming Boelter's findings with other experts (both WhatsApp and Open Whisper Systems claimed they were not contacted before the article was published) and calls for the publication, which she still says she harbors "great respect for," to retract the story.
When reached for comment by Mashable, a Guardianspokesperson provided us with this statement:
"We ran a series of articles highlighting and discussing a verified vulnerability in WhatsApp and its potential implications. WhatsApp was approached prior to publication and we included its response in the story, as well as a follow up comment which was received post-publication. While we stand by our reporting we have amended the article's use of the term 'backdoor' in line with the response and footnoted the articles to acknowledge this. We are aware of Zeynep Tufekci's open letter and have offered her the chance to write a response for the Guardian. This offer remains open and we continue to welcome debate."
We were unable to reach Tufecki for comment, but a recent Tweet makes her position on The Guardian's offer to write a response clear:
My writing a piece for the Guardian is not the answer. Guardian needs to retract, explain, learn from. https://t.co/RrK6IZ1PMB
— Zeynep Tufekci (@zeynep) January 20, 2017
With interest in secure messaging high in today's turbulent political climate, it's important for users to educate themselves on the systems they trust with their most vulnerable information. While the response to The Guardian's report from the security community was strong and swift, the potential vulnerability to WhatsApp still exists, even if it is tiny. To help decide if WhatsApp's system works for you, we suggest reading more about it in the Electronic Frontier Foundation's report on the topic.
Featured Video For You
The best way to understand encryption is through this tale of love and mystery
TopicsCybersecurityWhatsApp
Tags:
转载:欢迎各位朋友分享到网络,但转载请说明文章出处“夫榮妻貴網”。http://new.maomao321.com/news/34e56599400.html
相关文章
Aly Raisman catches Simone Biles napping on a plane like a champion
探索Simone Biles is exhausted. She won five medals at the Summer Olympics in Rio, posed for selfies with ...
【探索】
阅读更多Team Trump's 'Keep Iowa Great' plane photo is getting mocked
探索Tim Murtaugh, the director of communications for President Donald Trump's re-election campaign, trie ...
【探索】
阅读更多'Star Trek: Strange New Worlds' is about the only captain that predates Kirk
探索Longtime Star Trek fans undoubtedly know this bit of trivia, but William Shatner's famed Enterprise ...
【探索】
阅读更多
热门文章
- Donald Trump's tangled web of Russian influence
- Uber drivers and passengers will have to wear face masks in the U.S.
- Trump says he will look into pardoning 'Tiger King' star Joe Exotic
- Streaming films are eligible for next year's Academy Awards — but there's a catch
- Michael Phelps says goodbye to the pool with Olympic gold
- Martin Shkreli won't get released from prison to research coronavirus
最新文章
Give your kitchen sponge a rest on this adorable bed
Tim Kaine becomes an unlikely cowboy anti
Beethoven's 'Ode to Joy' is smashing the UK charts thanks to Brexit
Toilet paper drone delivery for San Francisco man sheltering in place
Aly Raisman catches Simone Biles napping on a plane like a champion
Amazon will survive the coronavirus. But local bookstores are fighting for their lives.