Welcome to nsane.forums

Welcome to nsane.forums, like most online communities you need to register to view parts of our community or to make contributions, but don't worry: this is a free and simple process that requires minimal information. Be a part of nsane.forums by signing in or creating an account.

  • Access special members only forums
  • Start new topics and reply to others
  • Subscribe to topics and forums to get automatic updates

Search the Community

Showing results for tags 'whatsapp'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Found 70 results

  1. TextNow Dedicated Virtual Mobile Phone Number (USA) & Unlimited Free International Call to USA/Canada - UK Landline + Ability to Use Whatsapp Without SIM Card How is TextNow different from Whatsapp and Viber ? App Highlights Free Landline & Mobile call to USA/Canada (Tested to USA both Landline and mobile numbers) Free Landline to UK (Tested by myself) Sending Free SMS depending of the Country Zone... Receiving Verification Code: Currently Google & Microsoft Account verification code not working myself. Instruction: Signup for free during registration when you asked area code enter: 208 (That is the area code I can only get Whatsapp recognize the Phone Number) I got 2 Free USA Mobile Phone Number: (734) Whats up does not accept as a valid USA Number --> Got the number when ı enter Area cone 734 (208) Accepted number --> Have that number when I enter 555 during Area Code selection. Homepage:https://www.textnow.com/ Android:https://play.google.com/store/apps/details?id=com.enflick.android.TextNow&hl=en iTunes:https://itunes.apple.com/us/app/textnow-free-text-+-calls/id314716233?mt=8 Windows Phone:https://www.microsoft.com/en-us/store/p/textnow/9wzdncrfj38m (Android) TextNow – free text + calls PREMIUM v5.2.0 [Unlocked] Site: http://txt.do Sharecode[?]: /dtu7s ========================================================= How to Use WhatsApp Without Phone Number or SIM Via TextNow Method: In this method to use whatsapp messenger without sim verification, you need to install Textnow app on your android/ iPhone or windows phone. Using the Textnow number, you can install whatsapp without simcard. You need to have internet connectivity over wifi. Download Textnow app for your iPhone/Android/Windows phone. After installation, you will be provided with a Textnow number (when you asked area code enter: 208) We will use this number to run whatsapp without sim card. While setting up the whatsapp account, provide this Textnow number for verification. Then, wait for the Whatsapp sms verification to fail. You will be asked to verify your Whatsapp account via Call. Tap on the Call Me verification method You will get a call for the Textnow number, enter the interactive voice response Whatsapp verification code provided. Voila, you have installed whatsapp without sim using internet. Homepage:https://www.whatsapp.com/ Andrid:https://play.google.com/store/apps/details?id=com.whatsapp&hl=en iTunes:https://itunes.apple.com/tr/app/whatsapp-messenger/id310633997?mt=8
  2. Watch out! There’s a WhatsApp account thief about! Have you received an email claiming to come from WhatsApp that warns that you have been using the service for more than one year and that it’s time to take out a subscription? Beware! The emails are, of course, a scam designed to trick you into clicking links that might result in you handing your payment information over to fraudsters. Part of the email reads as follows: What makes the scam somewhat more convincing is that in the past WhatsApp did use to ask users to pay a fee after they had been using the service for over a year. But that all stopped in January 2016, when WhatsApp announced that it would no longer charge a fee, and was making its app completely free for everybody. So, don’t be duped into clicking on suspicious links claiming to come from WhatsApp suggesting you need to pay your subscription to continue to use the app. It’s not just nonsense, it’s potentially dangerous nonsense that could leave a hole in your wallet. And while we’re on the subject, as others have previously warned, you should always be wary of unsolicited SMS text messages claiming to come from WhatsApp demanding that you verify your account and buy a WhatsApp subscription. You ultimately decide what links you click on, and whether you hand over your passwords and payment card details. Always think twice, because the wrong decision could prove costly. Article source
  3. Fake website : http://шһатѕарр.com/?colors Actual site it redirects to : http://blackwhats.site/ Archive.is link : http://archive.is/9gK5Y Screenshots when you visit the website in smartphone : http://imgur.com/a/UsKue User gets the message saying whatsapp is now available with different colors " I love the new colors for whatsapp http://шһатѕарр.com/?colors " When you click the fake whatsapp.com url in mobile, the user is made to share the link to multiple groups for human verification. once your done sharing you are made to install adware apps, after you have installed the adware the website says the whatsapp color is available only in whatsapp web and makes you install an extention. Fake whatsapp extention : https://chrome.google.com/webstore/detail/blackwhats/apkecfhccjhdmicfliebkdekbkoioiaj these fake sites and spam messages are always circulating in whatsapp. Source Fake WhatsApp.com URL gets users to install adware Next time someone links you to whatsapp.com, make sure you take a second look. There’s some adware currently circulating around the web by tricking users to visit a ‘шһатѕарр.com’ domain instead. Yes, those are different URLs – the fake URL uses characters from the Cyrillic alphabet. As spotted by redditor u/yuexist, the site promises to let you install WhatsApp in different colors – I mean, everyone likes color options, right? If you visit the link, you’re asked to share the site with your friends for ‘verification.’ Your friends then receive a message saying “I love the new colors for whatsapp’ along with the fake URL. Once you’ve ‘verified’ yourself, you’re then told that WhatsApp’s colors can only be accessed on a desktop, and are asked to install an extension from the real Chrome Web Store called BlackWhats (still, click at your own risk). All this should send about 27,531 red flags to anyone remotely tech savvy, but there are plenty of WhatsApp users who don’t spend their time on tech blogs and might fall for it – the fake URL is certainly convincing enough at first glance. The extension itself has over 16,000 users and a 4 star rating from 55 ratings, though there are only 3 text reviews – it’s hard to tell if these ratings are somehow fake. We’ve reached out to Google to alert them about the adware. And as always, make sure to double check URLs on any unexpected links you may receive. Update: Google has removed this extension from the Chrome Web Store. Good riddance. Article source
  4. The idea of watching a whole season of your favorite TV how or the latest movies online for free is extremely appealing. Fraudsters are all too aware of this, as we’ll show. And it is obvious that cybercriminals are using Netflix – which has almost 100 million users – to spread their attacks, as it is one of the most popular ‘internet television networks” in the world today. In this post, we look at how fraudsters are using this well-known brand as the hook for a news WhatsApp scam. Let’s analyze how this false campaign, which offers users free access to Netflix for a whole year, works, and also look at how it has ended up misleading thousands of people worldwide. The initial message and its multiple false sites First things first – if you have received messages from trustworthy WhatsApp contacts inviting you to gain free access to the service through a particular link, let me be clear … Don’t do it! Don’t click on the link! Don’t share it! As we can see with the following images (in both the Spanish and English versions), the message appears to come from the Netflix.com domain. However, when users look at the shortened URL, they’ll notice that clicking on it will redirect them to another domain that is not related with the legitimate Netflix.com site: Spanish version English version Portuguese version The first click on the campaign takes the user to an external domain unrelated to Netflix, which curiously uses a trusted certificate as shown in the following image: Just like Netflix, it is also multilingual Another curious fact is that the page has the capacity to detect the language of the device and can change its language automatically. The following images show the same campaign in Spanish, Portuguese, and English: The method used for this scam is similar to what we are used to. The page promises a year’s worth of services from Netflix, provided that the user shares the fraudulent link with at least 10 of their contacts. Meanwhile, the page checks the number of times the user presses the share button, and if the target is not reached, opens another window requiring the victim to continue sharing the link. Then, the victim is redirected to pages that falsely claim that they are on the “final step” to achieve activation, when what is really happening is that they are stealing information from users’ mobile phones for different types of subscriptions, or opening the system’s messaging application in order to send an SMS to a premium number with a certain text or even encouraging users to download applications from unofficial sites. What should you do if you shared or clicked on the link? First of all, stay calm. It’s important to understand that, contrary to what some people believe, this is not a “WhatsApp virus” as there is no executable file that is being downloaded and installed in the terminal when you access the page. Although it is a potential risk, we have not found evidence that the fraudulent sites are attempting to exploit the vulnerabilities of the connected devices; so, in theory, there is no greater risk of infection by simply clicking on the link. If you have shared the link with friends and family, follow these steps: Get in touch with them as soon as you can and let them know that it is a scam and to stop sharing the message. If you entered your telephone number into any form, as seen in previous images, get in touch with your telephone provider to ensure that you have not subscribed “without noticing” to a premium messaging service that charges a fee. Finally, if you have downloaded any applications onto your cellphone, uninstall them. If you can’t do this, get in touch with a professional who can do it for you and restore the device to its manufacturing settings. Remember that you should think twice about these messages with shortened links and consider their trustworthiness before sharing. Given that the campaign is multilingual, it has the capacity to spread much faster, not only in Spanish-speaking countries but also in countries where English or Portuguese is spoken. Likewise, it is important to notify any users that have sent you the link about the importance of not providing their mobile phone numbers to Premium SMS services. In this way, you can be a hero, not in your favorite online seasons, but in real life, by putting a stop to these malicious campaigns and enjoying more secure use of your technology. Article source
  5. UK Home Secretary Amber Rudd on Sunday called for greater government access to encrypted content on mobile apps. Apps with end-to-end encryption, like Facebook's WhatsApp, should not be allowed to conceal terrorists' communications from law enforcement, Rudd said in an appearance on The Andrew Marr Show, a BBC broadcast. "There should be no place for terrorists to hide," she said. "We need to make sure that organizations like WhatsApp -- and there are plenty of others like that -- don't provide a secret place for terrorists to communicate with each other." Khalid Masood, who killed four people outside the UK's parliament building last week before being shot dead, reportedly used WhatsApp a few minutes before going on his murder spree. "On this situation, we need to make sure that our intelligence services have the ability to get into situations like encrypted WhatsApp," Rudd maintained. Backdoor Law in Place? Even though she supported end-to-end encryption as a cybersecurity measure, Rudd later said in an interview on Sky News, it was "absurd" to have terrorists talking on a formal platform and not have access to those conversations. "We are horrified at the attack carried out in London and are cooperating with law enforcement as they continue their investigations," WhatsApp spokesperson Anne Yeh said in a statement provided to TechNewsWorld. During her appearance on Marr's show, Rudd disclosed that she would be meeting with Facebook and other technology companies on Thursday to discuss ways to meet the information needs of security officers. She did not rule out new legislation to regulate encrypted messaging if the government and the tech companies were unable to reach an accord. However, that law may already exist. The UK last year adopted the Investigatory Powers Act, which compels tech companies to "provide a technical capability" to remove "electronic protection" within their products. That law has been interpreted in some quarters to mean that tech companies can be compelled to install "backdoors" into their products in order to decrypt data when necessary. A backdoor would not have helped prevent Masood's attack, however. "To use a backdoor, you have to identify somebody as a target and hack them," explained Matthew Green, a computer science professor specializing in cryptography at Johns Hopkins University. "With this terrorist, they identified this person and decided he wasn't a threat and stopped monitoring him," he told TechNewsWorld. "Nothing is going to help once you look at a guy then look away." No Door Secure Enough Backdoors have been criticized as a means to meet the information needs of law enforcement because they undermine the purpose of encryption. "Many technologists and even many in law enforcement have acknowledged there's no secure backdoor," said Chris Calabrese, vice president for policy at the Center for Democracy & Technology. "You simply cannot build a door that only the good guys can walk through," he told TechNewsWorld. "If you start building backdoors, they will be exploited by hackers; they will be exploited by terrorists." Tech companies have been skeptical of creating backdoors to break the encryption used by their products and then turning over the keys to law enforcement. Another idea floated is that the companies should create the backdoors but retain control of the keys to prevent abuse. "That won't work. The systems are too complicated and the backdoors too difficult to keep secure," Calabrese said. "Companies don't want to have to worry about their employees misusing these keys, and they don't want to have to secure them," said Johns Hopkins' Green. Application Hopping Even if backdoors were installed in applications like WhatsApp, they most likely would miss their mark -- assuming that mark is to prevent terrorists from communicating securely. "If the bad guys feel that this application has been compromised by government officials and backdoors become available, this leads to a simple response by the bad guys -- use a different application," explained Paul Calatayud, CTO at FireMon. "WhatsApp is a third-party application on a mobile device," he told TechNewsWorld. "Nothing prevents the bad guys from moving to a lesser known third-party application." While WhatsApp can't crack the encrypted contents on the parliament killer's phone, it still can provide authorities with information about the terrorist's phone activity -- such as the time a message was sent, who it was sent to, and the physical location of the sender and recipient. "It doesn't matter what this guy said before he did this thing," said Bruce Schneier, CTO of IBM Resilient. "What matters is who it was, and WhatsApp doesn't protect that." Investigators can access all kinds of information without recourse to backdoors, he told TechNewsWorld, "but that would require a real conversation about the problem, which you don't get from these people who grandstand after tragedies." Source
  6. Google will meet UK govt Google is going to participate in a meeting with the British government this week, a meeting that seems to have been sparked by the terror attack that took place in London last week. The meeting will likely focus on the advantages and disadvantages of offering end-to-end encryption to users, something that British authorities have been quite vocal these past few days, especially as they slammed WhatsApp for not providing them with the last messages sent out by the author of the attack, something that is impossible due to the same encryption featured in the messaging app. For its part, Google will also be scolded over the extremist material accessible through its search engine, and even on YouTube. Google confirmed to Business Insider that it is among the companies that will participate at this meeting with the British government, although it declined to comment further. Although not confirmed, as of yet, Facebook will probably be on the same list of participants, along with Yahoo and even Apple. "There should be no place for terrorists to hide," Home Secretary Amber Rudd said in regards to the terrorist incident, and, more specifically, to the fact that encryption helped hide the terrorist's last sent messages. The neverending discussion over encryption There are many messaging apps that provide end-to-end encryption, including Google's Allo, Apple's iMessage and many others, from other companies. This, of course, is the perpetual discussion over whether or not people should be allowed to have complete privacy of their communications via end-to-end encryption. Security experts and tech companies say "yes," while authorities and politicians say "no" due to the "inconvenience" of being unable to decrypt these conversations. In fact, on numerous occasions, people that have been put in positions of power, in the United States and Europe alike, have called for encryption backdoors to be used by law enforcement. This, however, would make billions of users vulnerable to hackers and government surveillance. Source
  7. WhatsApp can't hand over messages End-to-end encryption services like WhatsApp are once more being slammed for offering protection for users everywhere. This time, the UK is doing all the finger pointing, and it's because of the terrorist attack that took place on Wednesday. British Home Secretary Amber Rudd has accused WhatsApp of giving terrorists "a place to hide," after the company has failed to comply with a demand to hand over the last messages sent by London attacker, Adrian Ajao, the Telegraph reports. "This terrorist sent a WhatsApp message, and it can't be accessed," Rudd said. She also said that it is completely unacceptable for end-to-end encryption to be offered because there should be no place for terrorists to hide. "We need to make sure that organizations like WhatsApp - and there are plenty of others like that - don't provide a secret place for terrorists to communicate with each other," she added. The British authorities are complaining that Scotland Yard and the security services cannot access encrypted messages sent via WhatsApp, so they cannot know who Ajao contacted or what the told them before the attack. Not only did Rudd slam WhatsApp, but also went after Google and social media platforms which have been known for being late to take down extremist material or refusing to take it down altogether due to their protection of "free speech" and the way their Terms are worded. A much-desired backdoor This isn't the first time, nor will it be the last time, when WhatsApp and other similar services, as well as encrypted email tools, are slammed by authorities. End-to-end encryption is supposed to protect users from hackers, but also mass-surveillance, such as that exposed by Edward Snowden's NSA files. The way it works, a message is encrypted the second it is sent by one user, and it only gets decrypted once it reached the recipient. In this way, WhatsApp doesn't have access to any plain-text messages, which means it cannot share anything with authorities. In recent months there have been more and more voices asking for encryption backdoors for authorities, something that tech companies will likely never agree to; not without losing users in droves. Source
  8. WhatsApp and Telegram fix big vulnerability WhatsApp and Telegram have patched critical flaws in their apps that could allow attackers to gain control over user accounts. According to researchers from Check Point Software Technologies, they discovered issues with the way the two apps process several types of files without checking to see if they contain malicious code. They mention that the online versions of these platforms - WhatsApp Web and Telegram Web - mirror all messages sent and received by the user, being fully synced with the smart device. If exploited, the vulnerability they found could allow attackers to completely take over users' accounts on any browser, access their personal and group conversations, photos, videos and other shared files, as well as contact lists and basically any other information they share with the app. That translates into someone stealing your photos, sending messages in your name, demanding ransom, and so on. So how does this work? Well, it all starts with the attacker sending a file that looks innocent to the victim, but which contains malicious code. The file can be easily modified to make sure the victim takes the bait and opens it. Once it is opened, the attacker can go ahead and "own" the account. "Since messages were encrypted without being validated first, WhatsApp and Telegram were blind to the content, thus making them unable to prevent malicious content from being sent," researchers note in their post. The vulnerability was disclosed to WhatsApp and Telegram last week, and they've both rolled out updates for their web clients soon after. All users need to do to get the update is restart their browser, so it's probably safe to say everyone is now protected. The impact of this bug is massive. WhatsApp has over 1 billion users worldwide, and Telegram has another 100 million monthly users. It's unknown at this point what percentage of these numbers use the web platforms provided by the apps. The technical details In the case of WhatsApp, Check Point researchers managed to bypass the restrictions set by the app's mechanism by uploading a malicious HTML document with a legitimate preview of an image to fool a victim into thinking they were clicking on a link to view a cool cat picture, or whatever else may interest them. Once the victim clicks on the document, the URL is accessed and users can say good-bye to their accounts. "Once he clicks on the file, the victim will see a funny cat under blob object which is an html5 FileReader object under web.whatsapp.com. That means the attacker can access the resources in the browser under web.whatsapp.com," the post reads. The user doesn't have to do anything else because just clicking on the link makes the victim's local storage data available to the attacker. Via a JavaScript function that checks frequently for new data, the local storage is replaced with the victim's. The attack on Telegram works pretty much the same with the attackers having to bypass the upload policy in order to upload a malicious HTML document with a mime type of a video file. Once the file is accessed, the attacker can get its hands on the users' data. Thankfully, however, this problem has been fixed. It is unknown if anyone else picked up on the problem before it was reported to the two companies. "This flaw shows how difficult it is to balance security and usability. WhatsApp did the right thing by encrypting the content, but by doing it too early in the message analysis pipeline, they could not determine that a message might be crafted to contain malicious code. This code could then access malicious information, which could be used to log into a user’s account for the web application. This flaw could be easily mitigated by using 2-factor authentication (recently introduced by WhatsApp), which has been proven to be one of the best security mechanisms to prevent wide-spread compromise," said Professor Giovanni Vigna, co-founder of malware detection firm Lastline. “As the bad guys get smarter our applications need to keep up. More and more of our communications are open to abuse from cybercriminals and the opportunistic eaves dropper. One of the ways to get around this process is using something called end-to-end message encryption. WhatsApp states that “When end-to-end encrypted, your messages, photos, videos, voice messages, documents, status updates and calls are secured from falling into the wrong hands.” I.e. I encrypt it (automatically) from my application before I send it and you decrypt it at your end when you receive it. That means if anyone compromises the data in transit they are unable to use or identify anything within it, and there lies the problem - it limits your options for checking for anything malicious. Luckily this only affected the web platform so once resolved by WhatsApp themselves it only requires a browser restart," added Mark James, security specialist at ESET. Updated to include expert commentary. Source
  9. Encrypted messaging apps are safe, as long as the CIA doesn't target you There seems to be a bit of an uproar online as people are urging each other to dump the messaging apps they've been using because the CIA can render useless the encryption safeties they set in place. The problem, however, is with the operating systems of the phones, not the apps themselves, Following the Vault 7 revelations from WikiLeaks, many people worry that their privacy is at risk due to the newly exposed capacities of the CIA. Of course, so far, there's been no indication that the CIA is doing anything illegal with its powers, aside from the fact that it really should be sharing the zero-day vulnerabilities it finds with the companies they affect so they can fix them and protect millions of users. Then, there's the fact that, according to the files, the CIA has developed malware that can bypass the encryption layers used by apps such as WhatsApp, Signal, Telegram and so on. This isn't the fault of the apps, however, since the CIA based its malware on vulnerabilities it discovered in iOS and Android, zero-day bugs it chose to keep secret rather than share with Apple and Google, respectively. There's nothing the app can do if the OS is compromised Basically, when the operating system is attacked in such a way, there's very little an app can do to protect the user further. The app itself is made to fit with the operating system; it depends on it to work properly. Once you receive a message, the app will do what it was built to do - decrypt the message. If the operating system has been compromised by malware such as the one built by the CIA, the data is no longer protected. Even regular hackers can compromise your device without that much trouble as bypassing app encryption settings. If, for instance, you tap a link you shouldn't, download a malicious file which then triggers a malware to be downloaded to your device, you can be just as vulnerable. One method many hackers use to get their hands on your data is to take a screenshot every half second, or every second. That alone would expose whatever you are typing, protected by end-to-end encryption or not. The CIA's job Once more, we should point out that there is no indication that CIA is using these tools on the masses. They could very well simply use them on their criminal targets. Of course, given our history with the NSA leaks a few years back, the CIA may very well have overreached too, although mass-spying is less likely with the CIA than the NSA. "The CIA, like any other governmental intelligence agency, uses and will continue using various hacking tools and techniques to obtain any information they need to protect the country. This is their duty. So far, we don't have any evidence that these capacities were used unlawfully, for example, to violate reasonable expectation of privacy of innocent US citizens or for illicit interference with elections," High-Tech Bridge CEO Ilia Kolochenko told Softpedia. At this point, the worst we can accuse the CIA of is collecting zero-day vulnerabilities and exploiting them instead of sharing the data with the companies that could protect millions of users by patching up their systems. Source
  10. Explained — What's Up With the WhatsApp 'Backdoor' Story? Feature or Bug! What is a backdoor? By definition: "Backdoor is a feature or defect of a computer system that allows surreptitious unauthorized access to data, " either the backdoor is in encryption algorithm, a server or in an implementation, and doesn't matter whether it has previously been used or not. Yesterday, we published a story based on findings reported by security researcher Tobias Boelter that suggests WhatsApp has a backdoor that "could allow" an attacker, and of course the company itself, to intercept your encrypted communication. The story involving the world's largest secure messaging platform that has over a billion users worldwide went viral in few hours, attracting reactions from security experts, WhatsApp team, and Open Whisper Systems, who partnered with Facebook to implement end-to-end encryption in WhatsApp. Note: I would request readers to read complete article before reaching out for a conclusion. And also, suggestions and opinions are always invited What's the Issue: The vulnerability relies on the way WhatsApp behaves when an end user's encryption key changes. WhatsApp, by default, trusts new encryption key broadcasted by a contact and uses it to re-encrypt undelivered messages and send them without informing the sender of the change. In my previous article, I have elaborated this vulnerability with an easy example, so you can head on to read that article for better understanding. Facebook itself admitted to this WhatsApp issue reported by Boelter, saying that "we were previously aware of the issue and might change it in the future, but for now it's not something we're actively working on changing." What Experts argued: According to some security experts — "It's not a backdoor, rather it’s a feature to avoid unnecessarily re-verification of encryption keys upon automatic regeneration." Open Whisper Systems says — "There is no WhatsApp backdoor," "it is how cryptography works," and the MITM attack "is endemic to public key cryptography, not just WhatsApp." A spokesperson from WhatsApp, acquired by Facebook in 2014 for $16 Billion, says — "The Guardian's story on an alleged backdoor in WhatsApp is false. WhatsApp does not give governments a backdoor into its systems. WhatsApp would fight any government request to create a backdoor." What's the fact: Notably, none of the security experts or the company has denied the fact that, if required, WhatsApp, on government request, or state-sponsored hackers can intercept your chats. What all they have to say is — WhatsApp is designed to be simple, and users should not lose access to messages sent to them when their encryption key is changed. Open Whisper Systems (OWS) criticized the Guardian reporting in a blog post saying, "Even though we are the creators of the encryption protocol supposedly "backdoored" by WhatsApp, we were not asked for comment." What? "...encryption protocol supposedly "backdoored" by WhatsApp…" NO! No one has said it's an "encryption backdoor;" instead this backdoor resides in the way how end-to-end encryption has been implemented by WhatsApp, which eventually allows interception of messages without breaking the encryption. As I mentioned in my previous story, this backdoor has nothing to do with the security of Signal encryption protocol created by Open Whisper Systems. It's one of the most secure encryption protocols if implemented correctly. Then Why Signal is more Secure than WhatsApp? You might be wondering why Signal private messenger is more secure than Whatsapp, while both use the same end-to-end encryption protocol, and even recommended by the same group of security experts who are arguing — "WhatsApp has no backdoor." It's because there is always room for improvement. The signal messaging app, by default, allows a sender to verify a new key before using it. Whereas, WhatsApp, by default, automatically trusts the new key of the recipient with no notification to the sender. And even if the sender has turned on the security notifications, the app notifies the sender of the change only after the message is delivered. So, here WhatsApp chose usability over security and privacy. It’s not about 'Do We Trust WhatsApp/Facebook?': WhatsApp says it does not give governments a "backdoor" into its systems. No doubt, the company would definitely fight the government if it receives any such court orders and currently, is doing its best to protect the privacy of its one-billion-plus users. But what about state-sponsored hackers? Because, technically, there is no such 'reserved' backdoor that only the company can access. Why 'Verifying Keys' Feature Can't Protect You? WhatsApp also offers a third security layer using which you can verify the keys of other users with whom you are communicating, either by scanning a QR code or by comparing a 60-digit number. But here’s the catch: This feature ensure that no one is intercepting your messages or calls at the time you are verifying the keys, but it does not ensure that no one, in the past had intercepted or in future will intercept your encrypted communication, and there is no way, currently, that would help you identify this. WhatsApp Prevention against such MITM Attacks are Incomplete WhatsApp is already offering a "security notifications" feature that notifies users whenever a contact's security code changes, which you need to turn on manually from app settings. But this feature is not enough to protect your communication without the use of another ultimate tool, which is — Common Sense. Have you received a notification indicating that your contact's security code has changed? Instead of offering 'Security by Design,' WhatsApp wants its users to use their common sense not to communicate with the contact whose security key has been changed recently, without verifying the key manually. The fact that WhatsApp automatically changes your security key so frequently (for some reasons) that one would start ignoring such notifications, making it practically impossible for users to actively looking each time for verifying the authenticity of session keys. What WhatsApp should do? Without panicking all one-billion-plus users, WhatsApp can, at least: Stop regenerating users' encryption keys so frequently (I clearly don't know why the company does so). Give an option in the settings for privacy-conscious people, which if turned on, would not automatically trust new encryption key and send messages until manually accepted or verified by users. ...because just like others, I also hate using two apps for communicating with my friends and work colleagues i.e. Signal for privacy and WhatsApp because everyone uses it. Source
  11. WhatsApp Security: Make This Change Right Now! Security researchers found a backdoor in the popular messaging application WhatsApp recently that could allow WhatsApp to intercept and read user messages. Facebook, the owner of WhatsApp, claims that it is impossible to intercept messages on WhatsApp thanks to the services end-to-end encryption. The company states that no one, not even itself, can read what is sent when both sender and recipient use the latest version of the application. It turns out however that there is a way for WhatsApp to read user messages, as security researcher Tobias Boelter (via The Guardian) found out. Update: In a statement sent to Ghacks, a WhatsApp spokesperson provided the following insight on the claim: WhatsApp has the power to generate new encryption keys for users who are not online. Both the sender and the recipient of messages are not made aware of that, and the sender would send any message not yet delivered again by using the new encryption key to protect the messages from third-party access. The recipient of the message is not made aware of that. The sender, only if Whatsapp is configured to display security notifications. This option is however not enabled by default. While WhatsApp users cannot block the company -- or any state actors requesting data -- from taking advantage of the loophole, they can at least activate security notifications in the application. The security researcher reported the vulnerability to Facebook in April 2016 according to The Guardian. Facebook's response was that it was "intended behavior" according to the newspaper. Activate security notifications in WhatsApp To enable security notifications in WhatsApp, do the following: Open WhatsApp on the device you are using. Tap on menu, and select Settings. Select Account on the Settings page. Select Security on the page that opens. Enable "show security notifications" on the Security page. You will receive notifications when a contact's security code has changed. While this won't prevent misuse of the backdoor, it will at least inform you about its potential use. Source Alternate Source - 1: WhatsApp Encryption Has Backdoor, Facebook Says It's "Expected Behaviour" Alternate Source - 2: WhatsApp Backdoor allows Hackers to Intercept and Read Your Encrypted Messages Alternate Source - 3: Oh, for F...acebook: Critics bash WhatsApp encryption 'backdoor' Alternate Source - 4: Your encrypted WhatsApp messages can be read by anyone Alternate Source - 5: How to protect yourself from the WhatsApp 'backdoor' Alternate Source - 6: 'Backdoor' in WhatsApp's end-to-end encryption leaves messages open to interception [Updated] Detailed Explanation of the Issue and Prevention/Alternatives:
  12. Recent times have highlighted the need for better security against surveillance and privacy of every citizen yet there is small businesses who aim to reverse this all in the name of profit and today it has become clear to CWN that one of these smaller businesses, WtSpy has been breached and had a small amount of account information dumped. WtSpy is an service built for whatsapp.com that is provides an application designed for mobile devices that allows you to 'spy' on other users account activity. WtSpy attempts to sell its service as a way for parents to monitor their children and for employers to monitor their employees but there is no restriction as to who can register and one of the features they claim to provide is monitoring who a person is speaking to, when and how long for. The breach happened on the 4th of June 2016 by a hacker using the alias bRpsd and it appears the breach not only dumped data but left the website defaced too. The data was pasted to ghostbin and uploaded to various file sharing sites, some of which are still sharing the 30.6MB zip file which when extracted totals 112MB from 19 files over 10 folders. The content in the breach ranges from various android APK, server logs and user and administrator account information, user payment information and logs as well as a single image file called "Scam proof" which is published below but only shows a redacted page from the websites control panel which allows the administrator to set features for the payment types. Records Users/Accounts.txt 179,802 user accounts with usernames,email addresses and clear text passwords (some are encrypted, unsure why) Users/Messages.csv 700 msgs, mostly junk Users/Payments.csv 141,531 payment log entries with payment date, type, (unimportant information) Users/Admin Login.txt 1 administrator account with the weak password of okokfine. Users/old/Users.csv 76,699 user accounts in the same format as Users/Accounts.txt. All folders and contents: scam_proof.png One thing to take away from this if anything is that 29 of the registered accounts are using Saudi Arabia government emails addresses within the registration and that these types of tools appear to not be uncommon with a google search for "whatsapp, can i see who my contacts talk to" returns many promising results on how to get this done. Article source
  13. A dramatic privacy about-face by messaging app WhatsApp this summer, in which it revealed an update to its T&Cs would for the first time allow the sharing of its user data with parent company Facebook, is getting the pair into hot water in Europe. This week Facebook was ordered to stop harvesting data on WhatsApp users in Germany by the Hamburg city DPA, which hit out at the controversial change to WhatsApp’s T&Cs as both misleading to users and a breach of national data protection law. (Facebook disagrees, and is appealing the order in Germany.) It now looks the UK’s national data protection watchdog, the ICO, is preparing to ramp up its action too. The ICO had already been — in its words — “considering” the deal, questioning whether the two companies were being transparent with users about how their data is being shared and used. But speaking to the BBC’s PM program on Radio 4 yesterday, information commissioner Elizabeth Denham said it has launched “an investigation into the data-sharing”. Asked by the BBC whether the ICO intends to follow the Hamburg DPA’s lead and order the data-sharing to be stopped, Denham said: “My intervention is an advocacy intervention on behalf of all of the WhatsApp users in the UK — and boy have we heard from them! They are quite concerned. “There’s a lot of anger out there. And again it goes back to promises, commitment, fairness and transparency. We have launched an investigation into the data-sharing, remembering that in 2014 when Facebook bought WhatsApp there was a commitment made that between the two companies they would not share information.” The new WhatsApp T&Cs state that user data — including the mobile number used to register to use the service and a user’s last seen time within the app — will be shared with Facebook and the “Facebook family of companies”, including for marketing and ad targeting purposes. Users reading the T&Cs before clicking ‘I agree’ might notice that there is a way to opt out of the data-sharing for ad targeting — but the agreement default opts users in, and the text next to the toggle to refuse to share is arguably confusingly worded. So it’s likely that many WhatsApp users will have agreed to the new privacy policy without realizing that means they are now handing data to Facebook. “It’s an active and important investigation,” Denham added, during the PM interview. “I know the public wants to hear from us as to what we’re doing — and you will hear from us very shortly.” A spokeswoman for the ICO could not confirm whether or not the ICO has a formal investigation into the data-sharing underway at this point, but did say it would be putting out an update soon, perhaps later today or on Monday. In the PM interview, Denham was also pressed on whether the ICO is doing anything to stop data flowing now, while it probes the arrangement, but she said she thinks no data is yet flowing from UK WhatsApp users to Facebook. “We are told that data is not yet being shared — so I am hoping that there is a pause in the data-sharing, and some rethinking of the terms and the consent and what data is being shared,” she said. We’ve asked Facebook to confirm whether or not it is harvesting UK WhatsApp data at this point or not and will update this post with any response. Making a general statement about the data-sharing agreement earlier this month, Europe’s Article 29 Working Party, the data protection body that represents the collective views of the DPAs of all 28 Member State of the EU, asserted that: “Users should keep control of their data when Internet giants massively compile it.” Denham also referenced the WhatsApp-Facebook privacy controversy in other public comments this week, making her first public speech since taking over the role from the prior ICO, Christopher Graham. Speaking at an event in London she noted: “We are currently reviewing data sharing between WhatsApp and other Facebook companies — all of this is about transparency and individual control.” (Ironically that event, a one day conference entitled Personal Information Economy 2016, organized by a business consultancy called Ctrl–Shift, was funded with the help of Facebook cash — the event organizers confirmed to TechCrunch Facebook was one of the sponsors. So no surprise another of the speakers was Facebook’s Stephen Deadman, aka its global deputy “Chief Privacy Officer”. Ctrl Shift said all sponsors for the event were “printed clearly” in the event brochure that was shared with delegates on the day.) In a wide-ranging first public speech that set our her priorities for leading the UK regulator through turbulent post-Brexit times, Denham said the ICO intends to pick and choose its investigations with the aim of maximizing its impact — to, as she put it, “enable results which can cascade across a sector”. She added that technology is “already at the forefront of most of our major investigations”, noting that the ICO has also been asking questions about the massive Yahoo data breach, finally confirmed last week. “As an independent regulator we have powers to issue fines of up to half a million pounds which could eventually rise to four percent of a business’ global turnover,” she warned. “In an ideal world we wouldn’t need to enforce, but we will use the stick in the cupboard when necessary. And remember it’s not just about the money — it’s about your reputation too, with your customers, the public and in the media spotlight.” EC’s competition commissioner also eyeing big data and privacy The Facebook-WhatsApp data-sharing agreement has also caught the attention of the EC’s competition commissioner, Margrethe Vestager, who earlier this month revealed her department was asking questions about the privacy policy changes, noting that the fact they didn’t merge data was factored in when the acquisition was approved. Speaking at a conference on big data in Brussels this week, Vestager argued for the need for EU-wide regulation on data — referencing the Facebook-WhatsApp controversy and suggesting new rules are needed to enable the region’s regulators to keep up with tech giants’ use (and potential misuse) of data. “Europe’s competition enforcers need to work together on big data — not just the Commission, but the national competition authorities as well,” she said. “Many of them are already doing that. Our French colleagues have launched a sector inquiry on big data. And the German authority is looking at whether Facebook may have misused its power to impose unfair privacy terms. “But if we want to be able to deal with big data issues throughout the EU, then every national authority has to have the tools it needs to enforce the rules… I think there’s a strong case for new EU rules as part of the answer.” Big data as a currency that can be used by tech giants to stifle competition is a theme Vestager has spoken on several times before. This post was updated to include Vestager’s comments on Facebook-WhatsApp sharing data Source: https://techcrunch.com/2016/09/30/whatsapps-privacy-u-turn-on-sharing-data-with-facebook-draws-more-heat-in-europe/
  14. CatchApp Tool Can Siphon Encryption WhatsApp Messages From A Distance Israeli company claims it has developed CatchApp tool which can siphon encrypted WhatsApp data from a distance You may have seen in many Hollywood movies in which the main protagonist, an agent from the CIA or FBI placing his/her mobile besides the victim’s smartphone and copying data from it. Up to now, siphoning data from any smartphone just by being in its proximity was considered fiction but now an Israeli cyber surveillance company claims it has developed a sophisticated tool called CatchApp which can siphon off all WhatsApp chats, including encrypted communications, from phones within close proximity of a hidden Wi-Fi hacking device in a backpack. Haifa-based Wintego has released brochures for its CatchApp tool which it calls as a WhatsApp interceptor. Wintego promises that the Catchall App has an “unprecedented capability” to break through WhatsApp encryption and grab full data from a target’s account. It does so through a “man-in-the-middle” (MITM) attack; in theory, the traffic is intercepted between the app and the WhatsApp server and somehow the encryption is decoded by the device, though that may not be possible with the latest upgrades to the software’s cryptography. The company did not elaborate on how its CatchApp tool manages to decode/decrypt the WhatsApp encryption but Forbes has noted that the tool works on most versions of WhatsApp. The company has released the brochures of the App to advertise it to different police and law enforcement agencies around the globe. The CatchApp tool is a part of larger Wintego arsenal called WINT. According to the company, WINT hacking tool can fit into backpack. The company calls WINT a “data extraction solution” and says that it can can obtain “the entire contents of your targets’ email accounts, chat sessions, social network profiles, detailed contact lists, year-by-year calendars, files, photos, web browsing activity, and more” just by being near the victim’s PC/laptop/smartphone. It does that by acquiring login credentials for distinct accounts and then silently downloads “all the data stored therein”. Wintego claims WINT first gains access to a device by intercepting Wi-Fi communications, whether they’re open or private encrypted networks. WINT uses four separate Wi-Fi access points so it can track multiple targets and high-gain antennas to catch those at a distance. It’s small enough to fit into any backpack, said Wintego, so is ideal for stealthy operations. The details about Wintego dealings are top secret but reports indicate that it was founded by alumni of Verint, another Israeli firm. Verint itself was the top cyber surveillance tools supplier for America’s National Security Agency (NSA). According to Forbes, Yuval Luria acts as the face of the company, promoting the kit at major surveillance shows. He recently presented at the ISS World Training event in Prague (also known as the Wiretappers’ Ball), giving a talk on A Hybrid Tactical-Strategic Approach for Extracting Cyber Intelligence. Nhevo Kaufman appears to act as company chief, having set up the firm’s website back in 2011. Both the above tools are for sale only to police, law enforcement and spy firms but it is nowhere stated that the same can’t be bought by rogue actors. Source
  15. German Officials Order Facebook to Delete WhatsApp User Data Facebook was infringing data protection law Needless to say that WhatsApp users weren't pleased with the new feature and they quickly found a workaround that allowed them to disable the sharing feature within 30 days from installing or updating the app on their phones. The measure would pose some security and privacy concerns, which meant that WhatsApp had to update its terms and privacy policy, which it did for the first time in four years. WhatsApp is one of the most secure chatting applications out there, with default message encryption and self-destruct messages that make sure that no one can access conversations between users. Since the app is focused on privacy and security, it's only normal that users were concerned by this measure for sharing information with Facebook. It seems that users from Germany no longer need to worry about this, since the Hamburg Commissioner for Data Protection and Freedom of Information ordered Facebook to delete user data shared from WhatsApp. Facebook is willing to work with the Commission to resolve the issue The report by Reuters mentions that Facebook was infringing data protection law and WhatsApp's 35 million users in Germany didn't provide effective approval for sharing their information. "After the acquisition of WhatsApp by Facebook two years ago, both parties have publicly assured that data will not be shared between them," commissioner Johannes Caspar said in a statement. "The fact that this is now happening is not only a misleading of their users and the public, but also constitutes an infringement of national data protection law," Caspar added. The Commission also said that Facebook and WhatsApp are independent companies that should process user data based on their own terms and conditions. Facebook issued a statement saying that the company is working with the Hamburg DPA to resolve any concerns. Facebook bought WhatsApp for $19 billion two years ago. Source More info on this news - Alternate Source - Germany bans Facebook from collecting WhatsApp users' data
  16. Information Commissioner To Investigate Data Sharing Between WhatsApp And Facebook WhatsApp's plans to share user data with Facebook are to be investigated by the Information Commissioner's Office (ICO) in the UK. The change in privacy policy goes against a previous public commitment not to share data in this way. The ICO has the power to regulate how companies make use of data belonging to people located in the UK, even if the companies themselves are located elsewhere. A key concern is whether there will be compliance with data protection laws. Users are particularly upset about the data sharing plans because when Facebook acquired WhatsApp back in 2014, the company said clearly that data would not be shared in this way. The backlash on social media has, predictably, resulted in many people complaining that they will stop using WhatsApp. It has also been suggested that in sharing private data from WhatsApp, Facebook will be violating an agreement it struck with the Federal Trade Commission. Information commissioner Elizabeth Denham said: Anyone who is concerned about their privacy is reminded that they can use WhatsApp's instructions to prevent data sharing. Or they could stop using WhatsApp... Source
  17. WhatsApp Is To Hand Your Phone Number To Facebook Roses are red, violets are blue, Facebook knows all that you think, say and do WhatsApp has updated its terms and privacy policy for the first time in four years as part of parent company Facebook’s plans to generate cash through app users' data. While WhatsApp has been a separate service from Facebook since its acquisition for $16bn two years ago, the companies are now going to enjoy a cosier relationship. If you’re a WhatsApp user you can expect the app to soon export more of your information to Facebook as the megacorp seeks to bleed some revenue from businesses by allowing them to advertise to you, without using third-party banner advertisements and spam. This will not affect the privacy of the content of users’ messages. As WhatsApp integrates the Signal messaging protocol, messages are protected with end-to-end encryption. “We won’t post or share your WhatsApp number with others,” the business stated today, “including on Facebook, and we still won’t sell, share or give your phone number to advertisers.” This suggests that WhatsApp might yet offer itself as a platform for business to contact you through, but the company itself has announced that “by coordinating more with Facebook, we'll be able to do things like track basic metrics about how often people use our services and better fight spam on WhatsApp.” That sounds lovely, of course, until the statement continued: “And by connecting your phone number with Facebook's systems, Facebook can offer better friend suggestions and show you more relevant ads if you have an account with them. For example, you might see an ad from a company you already work with, rather than one from someone you've never heard of.” Users are not able to opt out of this data sharing, although you can choose not to allow to be shared for the purpose of improving their experience with advertisements and product experiences on Facebook. WhatsApp is seeking to integrate features that regularly take place over SMS at the moment: "Whether it's hearing from your bank about a potentially fraudulent transaction, or getting notified by an airline about a delayed flight, many of us get this information elsewhere, including in text messages and phone calls. We want to test these features in the next several months, but need to update our terms and privacy policy to do so." Source Related Alternate Source Articles: WhatsApp to Share Your Data with Facebook — You have 30 Days to Stop It Use WhatsApp? Get ready to receive marketing messages from firms WhatsApp to give users' phone numbers to Facebook for targeted ads WhatsApp to share your user data with Facebook WhatsApp to share user data including phone numbers with Facebook WhatsApp does about face, will serve ads in Facebook-owned app WhatsApp to Share User Phone Number with Facebook For Advertising Block WhatsApp from sharing (most) data with Facebook
  18. WhatsApp Fails to Properly Delete Your Chats The problem is in the way WhatsApp's SQLite DB deletes data The core issue at the heart of this problem is the SQLite database, which WhatsApp and many other more mobile applications use to store data on the phone they are installed. WhatsApp's SQLite database fails to delete data Zdziarski has discovered that, when a user deletes a WhatsApp conversation, SQLite's normal mode of operation is to mark the data as deleted and add it to a "free list" of database entries that can be re-written by other information, instead of actually wiping the data from its index. The developer says that there can be cases where months pass without the data being overwritten with other information. During all this time, the data lingers around on the device and is included as part of the app's database when the user creates backups of their device. Zdziarski says that if the user backs up their device to an iCloud account, because there is no encryption enforced, the WhatsApp SQLite database gets backed up in clear text, and law enforcement can force Apple to hand over the backup files and implicitly the deleted WhatsApp messages, still present in the database. There are several ways to recover deleted WhatsApp messages If the user backs up their device to their own computer, the data is again susceptible to the same process of reverse-engineering and getting the deleted WhatsApp messages. Apple also allows users to create and save backups to computers protected with encryption. If the backup password (encryption key) is short and simple, the researcher says that there are ways to brute-force the password and break the encryption. If the user stores this backup password in the Apple Keychain utility, then there are forensics tools that can leak the content of the Keychain and allow access to the WhatsApp SQLite database. Furthermore, any attacker with access to the user's iOS device can retrieve the SQLite database and recover deleted conversations. iMessage has the same problem, Signal does not Zdziarski says that other apps that use SQLite databases to store data on iOS devices are likely affected by the same problem. The researcher says that iMessage suffers from the same issue but highlights that the Signal messaging app does not. In his blog post, Zdziarski details four ways that app developers and users could mitigate this issue and also recommends four solutions that Facebook could implement to fix WhatsApp's SQLite problem. "Software authors should be sensitive to forensic trace in their coding. The design choices they make when developing a secure messaging app has critical implications for journalists, political dissenters, those in countries that don’t respect free speech, and many others," Zdziarski says. "A poor design choice could quite realistically result in innocent people - sometimes people crucial to liberty - being imprisoned." Source
  19. Official WhatsApp for Windows desktop application alows you to stay in touch anytime and anywhere - whether on your phone or computer at home or work. The app itself is quite similar to WhatsApp Web that was meant to be an extension of your phone: the app mirrors conversations and messages from your mobile device. The WhatsApp for PC offline installer is available for Windows 8 and later and is synced with your mobile device. Because the app runs natively on your desktop, you'll have support for native desktop notifications and better keyboard shortcuts. Just like WhatsApp Web, the New Desktop App lets you message with friends and family while your phone stays in your pocket. WhatsApp must be installed on your cell phone so you can use WhatsApp on your PC. WhatsApp supports only 64-bits versions of Windows. More Info : Download For windows: x86 https://web.whatsapp.com/desktop/windows/release/ia32/WhatsAppSetup.exe x64 https://web.whatsapp.com/desktop/windows/release/x64/WhatsAppSetup.exe Mac Download (10.9 and higher): https://web.whatsapp.com/desktop/mac/files/WhatsApp.zip
  20. WhatsApp Likely To Be Banned In India For Aiding Terrorists Supreme Court To Hear Plea For Banning WhatsApp In India Facebook owned WhatsApp is facing a major legal test in India, which is its prime market and has the most users from the world. The popular cross-platform messaging App is being sued by a RTI activist for aiding and abetting terrorists who wants Indian Supreme Court to ban it. The Indian Supreme Court will be examining whether WhatsApp should be banned following a Public Interest Litigation filed by Haryana based RTI activist Sudhir Yadav. Yadav PIL petition claims that ever since WhatsApp started to enable its every message with 256-bit encryption since April, it cannot be broken into and that is abetting terrorist who pass on important messages through it. “Even if WhatsApp was asked to break through an individual’s message to hand over the data to the government, it too would fail as it does not have the decryption keys either,” Yadav said in his petition. Yadav’s PIL states that the Indian authorities would need 115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,935 key combinations in order to break the WhatsApp encryption and that is pretty impossible even for a supercomputer. Yadav said that before approaching the Indian supreme court, he had approached the Indian telecommunications watchdog, Telecom Regulatory Authority of India (TRAI) and the Ministry of Communications and IT for banning WhatsApp but had not received any reply. The apex court is now scheduled to hear his public interest litigation (PIL) petition on 29 June. Given Indian Supreme Court’s record in dealing with PIL’s, Yadav’s petition may be headed to dustbin but there is a chance that the Supreme Court may call top WhatsApp officials to depose before it or hand over the encryption keys to Indian authorities. Source
  21. Top 10 Simple Tips and Tricks For WhatsApp Users 10 Easy Tips and Tricks For WhatsApp users WhatsApp is undoubtedly the most popular mobile messaging service app that is used on the smartphone. Earlier this year, the Facebook-owned WhatsApp hit the 1 billion user mark and left behind Facebook’s own Messenger as the most widely used chat app in the world. Back in April, WhatsApp also rolled out end-to-end encryption on all of its devices. While WhatsApp is easy to use, there are also some hidden features and twists that we tend to miss out on. Moreover, popular messaging service keeps on adding features inconspicuously, that it becomes very important for us to be up to date. While there are many tips and tricks that you can use on WhatsApp, we bring to you those tips and tricks that will help you get started if you are a beginner. Hiding Last Seen, Profile Picture And Status The dreaded “last seen” feature can be the reason behind problems in life and keeping that in mind, WhatsApp has included the ability to hide it completely. You can hide your last seen, profile picture and status from people. To disable “Last Seen”, go to Settings > Account > Privacy > Last Seen. There you will have the options to select from if you want your last seen, profile picture and status to be seen by “Everyone”, “Contacts” or “Nobody”. Select “Nobody” and now your WhatsApp activities are now a secret to everyone but you. However, note that if you hide your last seen, you won’t be able to see others last seen as well. Check When A Message Was Read WhatsApp allows you to check when a message sent by you was read first. All you need to do is press hold on a message and tap “Info”. Once done, you will be able to see the time when your message was delivered and read. Read Messages Without Others Seeing The Blue Check Marks The blue ticks that appear beside a WhatsApp message indicate that the message has been read. However, the blue check marks make disregarding messages all the more difficult without giving yourself away. While a user’s “Last Seen” timestamp only tells you when a user was last on WhatsApp, the blue ticks leaves no room for explanation. Fortunately, you can read WhatsApp messages without pressing the alarm button. Enable Airplane Mode to temporarily kill your Internet connection. Once done, you can check your messages freely without giving yourself away. Similarly, you can enable banner notifications for Whatsapp, which allows you to read brief messages without opening the app. If everything fails, you can turn off the blue ticks all together. Go to Settings > Account > Privacy. Switch the toggle off on “Read Receipts.” You can now ignore all your friends and loved ones without hurting their feelings! Manage Auto Downloading Of Media Auto-download on WhatsApp is a convenient feature rather than manually tapping download every time a picture or video arrives. However, it can consume your limited mobile data bandwidth. Hence, there are options to set that accordingly. On Android, you will find the options in Settings > Chats and calls >Media auto-download. You can then set whether you want to auto download images, audio and videos on mobile data, Wi-Fi and roaming. On the iPhone, there’s only an option to either turn ON or OFF automatically “Save Incoming Media.” Bold, Italicize, And Strikethrough Text The latest update in WhatsApp allows you to bold, italicize, or strikethrough text easily. To do so, you will have to enclose the text in special characters. To bold text, enclose the text with asterisks, like this: *text* To strikethrough text, enclose the text with tildes, like this: ~text~ To italicize text, enclose the text with underscores, like this: _text_ Send Group Messages Using Broadcast Lists WhatsApp’s “Broadcast Lists” feature allows you to send the same message to multiple people at once without them knowing. Such a feature is useful when you want to send a birthday invite or a reminder of an event, etc. To send a group message through a Broadcast List, for iPhone > go to Chats > Broadcast Lists > New List. Add the contacts you wish to receive the message, type the message and hit send. The message will then appear in a private chat with each person. On Android > go to Chats > click on the three vertical dots on the top right corner of the screen > New broadcast. Add the contacts you wish to receive the message and hit “create.” Type the message you wish to send and hit enter. Backup Your Chat History You are at risk of losing your entire WhatsApp chat history, if you lose your smartphone or switch devices. Fortunately, WhatsApp allows you to backup your contacts and chat history either automatically or manually. Recently, WhatsApp rolled out a new feature, which lets you backup your chats on Google Drive (Android) and iCloud (iPhone). To do this, go to Settings > Chats > Chats Backup. You will be able to see the date of your last backup and the file size. Select “Back Up” in Android smartphones and “Back Up Now” on iPhone, if you would like to backup manually. Alternatively, you can also turn on “Auto Backup” on iPhone, if you do not wish to rely on yourself to remember. Change Your Number There may be times when we move to a new place and we have to take a new number. In that case, you can simply change your phone number on WhatsApp without losing any of your chats or data. Head over to Settings > Account > Change number, then enter your old and new number. Once WhatsApp verifies your number through SMS or call, it will be changed. Set Up Popup Notifications And Reply Directly (Android Only) The feature to get popup notifications has been enabled by WhatsApp on Android only. You can turn it on by going to Settings > Notifications > Popup notification. You can set it to show popup when screen is off or on, or you can set it to “always show popup”. The popup notification also lets allows you to respond directly from the popup, which makes chatting with more people simultaneously easier. Hide Notification Preview Of Messages Thanks to WhatsApp notifications, it can be embarrassing at times, when your friend ends up reading your personal messages. It is an even bigger problem with both Android and iOS supporting lock screen notifications. However, the good news is WhatsApp on iPhone lets you hide notification preview of messages. To hide notification preview of messages, go to Settings >Notifications and turn off “Show Preview“. Sadly, WhatsApp on Android does not let you disable preview of messages but you can disable notifications. Go to phone Settings > Apps >WhatsApp > Notifications and selecting “Block all”. Do note that this will result in no notifications entirely from WhatsApp. Source
  22. How To Hack WhatsApp Using SS7 Flaw Researchers are easily able to hack WhatsApp and Telegram using the known telecom flaw We continuously receive queries from readers about how to hack WhatsApp. The world’s most popular cross platform messaging App is seen to be ultimate hack by many because it has recently enabled 256-bit encryption. For ordinary souls this encryption would take days and months to decode a sentence or a complete message. Ditto with another secure messaging service called Telegram. Though Telegram is not as popular as WhatsApp, it has its ardent group of followers who use it for its encryption as well as snooping free service. Though both of these Apps are end-to-end encrypted both of them suffer from hardware side vulnerability which can be exploited to hack and hijack both WhatsApp and Telegram. The vulnerability lies in Signalling System 7, or SS7, the technology used by telecom operators, on which the highly secure messaging system and telephone calls rely. SS7 is a set of telephony signalling protocols developed in 1975, which is used to set up and tear down most of the world’s public switched telephone network (PSTN) telephone calls. It also performs number translation, local number portability, prepaid billing, Short Message Service (SMS), and other mass market services. SS7 is vulnerable to hacking and this has been known since 2008. In 2014, the media reported a protocol vulnerability of SS7 by which both government agencies and non-state actors can track the movements of cell phone users from virtually anywhere in the world with a success rate of approximately 70%. In addition, eavesdropping is possible by using the protocol to forward calls and also facilitate decryption by requesting that each caller’s carrier release a temporary encryption key to unlock the communication after it has been recorded. Researchers created a tool (SnoopSnitch) which can warn when certain SS7 attacks occur against a phone and detect IMSI-catchers. You can view how researchers managed to hack WhatsApp and Telegram using the SS7 flaw below : WhatsApp Hack Telegram Hack Both the hacks exploit the SS7 vulnerability by tricking the telecom network into believing the attacker’s phone has the same number as the victim’s phone. Once the network has been fooled, anybody, even a newbie can spy on the legitimate WhatsApp and Telegram user by creating a new WhatsApp or Telegram account using the secret code. Once complete, the attacker now controls the account, including the ability to send and receive messages. Even more horrific is the fact that the hacker can also send messages on behalf of the victim, and read confidential messages intended for the victim without ever having to try to break strong encryption protocols. See how easily you can hack WhatsApp and Telegram by fooling the network into believing your are the victim. Source
  23. WhatsApp is currently one of the most popular messengers on the mobile platform. The mobile applications for different operating systems allow group chats, sharing locations and sending photos and videos among others. With the introduction of WhatsApp for Windows, you can now enjoy using your favorite messenger from your desktop. The free desktop app is compatible with Windows 8 and later operating systems. Using WhatsApp for Windows WhatsApp for Windows acted as an extension of our Smartphone, which needed to run the mobile app for it to work. We placed our phone close to the computer for the best experience, but we could as well leave it in the pocket after the initial setup. When we launched the app for the first time, we needed to scan a QR code with its mobile counterpart. We pressed the Menu button on the mobile app and tapped WhatsApp Web, which allowed us to scan the code on the computer. Once we had scanned the code, all the conversations on our mobile app were loaded onto the desktop version. We did not manually add any contact, as the program intuitively imported them from the phone. We seamlessly continued with our chats from the computer, where typing was more convenient. In addition to using a large keyboard, we had access to all keyboard shortcuts, which made our work even easier. We could send messages, pictures and attachments, record voice messages and manage our message history from the computer. The program saved our messages, and we did not need to worry about missing pushed notifications. The Menu option on the mobile app allowed us to view all web and desktop clients logged into our account. Homepage: https://www.whatsapp.com/ Download 32Bit: https://web.whatsapp.com/desktop/windows/release/ia32/WhatsAppSetup.exe Download 64Bit: https://web.whatsapp.com/desktop/windows/release/x64/WhatsAppSetup.exe
  24. As much as these instant messaging services would like it to be the case, not everyone spends all day in front of their smartphones (though some really do). Some do have to spend some time in front of full computers, which sometimes means missing out on important, or not so important, interruptions from family and friends. That is why WhatsApp is now offering a desktop version of its messaging app, available for both Windows PCs and and Mac OS X so you won't have to miss a beat just because you really need to be productive. With the exception of Facebook Messenger and Google Hangouts, WhatsApp is perhaps the first standalone (that is, not tied to a bigger social network) messaging service that provided a web app for its users. This allowed them to still keep on chatting even when there is no native mobile WhatsApp app on their smartphone or don't have access to their smartphone at the moment. Somewhat ironically, WhatsApp is actually the last to the party when it comes to putting out a desktop client, with rivals like Viber, LINE, and KakaoTalk having jumped in much earlier. Better late than never, of course, and now you can while your time away on your desktop with WhatsApp's desktop client. You might wonder why WhatsApp would even bother with a separate app since it already has a more universal web app for it. Native desktop clients, however, provide better integration with platforms, like notifications, keyboard shortcuts, and performance. Especially with Chrome removing its practically unused Notification Center feature, users might want a better, not to mention better looking, way to be notified of chats and events. The WhatsApp desktop client is available for free and can run on Mac OS X 10.9 and later as well as Windows 8 and later. From the screenshot above, it seems that the Windows version might be a Universal Windows app. Like others of its ilk, you will still need to actually have an active WhatsApp app and account on your mobile device in order to activate this desktop version. source