WhatsApp Security Bug: Your Profile Picture ‘Could’ Be Viewed By Anyone

It has come to light that a potential security problem found in WhatsApp could mean that anyone could see a users’ profile photos. Accordi...

It has come to light that a potential security problem found in WhatsApp could mean that anyone could see a users’ profile photos. According to security researchers, this is even ‘if’ they have been set to be viewed by friends only. The security flaw, which was located by 17-year-old security researcher Indrajeet Bhuyan, appears to be the result of the phone application not being properly synced with the new web interface.  Bhuyan is not new to locating holes in WhatsApp. He has previously found a way of forcing the app to crash on Android phones by sending a small message to users.


In WhatsApp, a user is able to configure the application so that it will only share their profile photo with people that they have saved as contacts.

Apparently, this bug can allow another person to circumvent that and see the profile photos of strangers. The web version of the app allows users to look at photos that have since been deleted. On the phone app, those photos become blurred out, but on the web app they appear to remain clear.

Security expert Graham Cluley wrote in a blog post on the bug, “Sure, it’s not the most serious privacy breach that has ever occurred, but that’s missing the point…The fact of the matter is that WhatsApp users chose to keep their profile photos private, and their expectation is that WhatsApp will honour their choices and only allow their photos to be viewable by those who the user has approved.”


The team at WhatsApp are committed to making sure security and privacy for its users remains paramount and they have shown this by recently introducing end-to-end encryption on the service.
The WhatsApp web client was introduced a couple of weeks back on January 21. This excited many as they were finally able to respond to messages from their PC, but by the same token it also disappointed lots of other users because of the limited compatibility and functionality the client has.
[Image via time]

   

COMMENTS

BLOGGER
Name

Acronyms,1,Ads Ready,1,Adsense,1,Adserver,1,airtel,2,android,22,Apps,4,Auto Loader,19,backup,1,Bank,1,BB10,1,better,1,bios,1,blackberry,24,Blogger,11,blogger jquery,12,Blogger Template,3,blogger tips,12,Blogger Widget/Gadget,13,Bluetooth,1,BOIS Update,1,browser,2,Bug,1,business,3,CAD,1,capability,1,Career Development,2,Celebrate,1,chat,1,cloud computing,1,code,1,comment,2,computer,13,crack,17,crash,1,css,3,cure,1,CV,18,data,2,delete,1,Diamond Bank,2,download,32,email,6,ESPN,1,etisalat,2,Facebook,2,Feedburner,1,Firmware,3,Flash File,27,Flash Games,3,Flashing,3,For Seniors,2,free-up space,1,Freebies and Giveaways,2,FTP,1,Galaxy,2,games,5,glo,2,good,1,Google,8,Google Affiliate,1,Google Drive,1,Google Photos,1,Google Play Store,3,Google+.,1,great,1,GTA,4,guide,3,hacks,7,handle,1,Hard drive,2,HDD,1,how to,10,HTC,2,html,1,Huawei,1,ict,4,India,1,INEC,1,Infinity Best,1,Innovation,1,Intel,1,internet,6,internet explorer,1,iOS,2,ipad,4,iphone,7,Itel,1,java script,6,Jetpack,1,keyboard,8,know,3,Label,3,Laptop,1,Learning,12,LG,2,Lollipop,2,Mac,2,Management,1,Marriage,1,Mediafire,1,meeting,1,message,12,Microsoft,5,Microsoft excel,2,mobile,7,Mobile Phones Specifications,1,mobility,2,money,1,Motorola,1,Movie,1,Mozilla Firerfox,1,MS Word,1,MTK,2,mtn,4,music,1,need,1,Networking,1,NOBLE NOKIA INFO,9,Nokia,4,notebook,1,passwords,1,PayDirect,1,PayPal,1,PC,7,PC Games,45,PC mgazine,6,PC Tricks,3,pc-crash,1,PDF,1,Personal Productivity,4,Phone,3,photo shop,1,Play Station,9,Plugin,1,post,2,Premium Blogger Template,1,protect,3,ProtectTool,1,Racing Game,2,reasons,1,Responsive,1,Root,2,sagem,1,samsung,11,save,1,secrets,1,secure,4,security,9,security Enhancements,5,Server,1,shell-coding,1,shortcut,21,Simple Server,1,SmartsmsSolutions,2,SMS,6,social community,3,Sony,2,Spreadtrum,1,SSD,1,steps,1,Stock Rom,2,Symbian,1,Sync,2,Tablet PC,3,Talent,1,TECH_WORLD,2,Techniques,3,technology,3,technology tips,26,Tecno,7,template hacks,1,Theme,1,tips,19,transmissions,1,Tutorial,3,tutorials,28,types,1,USB Driver,1,users,1,Video,1,Virus,1,Visa Card,1,Volcano Box,8,Vote,1,WAP WORLD,8,Whatsapp,1,windows,11,Windows 10,2,Windows 7,1,Windows 8,1,windows mobile,1,Windows Phone,2,Windows Phone Store,2,windows xp,5,word of life,11,Wordpress,3,work place skills,7,WPTouch Mobile Plugin,1,Xbox,2,zain,1,Zenith Bank,1,
ltr
item
NOBLE ICT EXPLOITS ZONE™: WhatsApp Security Bug: Your Profile Picture ‘Could’ Be Viewed By Anyone
WhatsApp Security Bug: Your Profile Picture ‘Could’ Be Viewed By Anyone
http://4.bp.blogspot.com/-OcJlE6xGVWY/VNsaEceOwpI/AAAAAAAAEcw/GzW34uAeXWw/s1600/WHATSAPP.jpg
http://4.bp.blogspot.com/-OcJlE6xGVWY/VNsaEceOwpI/AAAAAAAAEcw/GzW34uAeXWw/s72-c/WHATSAPP.jpg
NOBLE ICT EXPLOITS ZONE™
https://naijaexploits.blogspot.com/2015/02/whatsapp-security-bug-your-profile.html
https://naijaexploits.blogspot.com/
https://naijaexploits.blogspot.com/
https://naijaexploits.blogspot.com/2015/02/whatsapp-security-bug-your-profile.html
true
4058378300189517969
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS CONTENT IS PREMIUM Please share to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy