WhatsApp has previously announced that it would be making several big changes to the platform this year, including updating its privacy policy, and now that it has happened, the messaging app is under fire for allegedly threatening the privacy of its users, with many saying they would move to rival apps like Telegram and Signal.
Nevertheless, it seems like both Signal and Telegram have the same vulnerabilities as WhatsApp, according to a study.
Mobile Contact Discovery Feature
In a report by SciTechDaily, researchers from the Secure Software Systems Group at the University of Würzburg and Cryptography and Privacy Engineering Group at the Technical University of Darmstadt conducted a study showing that these popular messaging apps expose personal data
Based on the research, these apps can do so via their discovery services features that allow the messaging app to find possible contacts through your phone's local address book, which is apparent in apps like WhatsApp, Signal, and Telegram.
You may notice that when you install such apps, it would ask permission to access your address book, which they would then upload onto their servers through the process known as mobile contact discovery.
The team of researchers says that this certain process is what threatens the privacy of billions of messaging app users.
As part of the investigation, they were able to perform crawling attacks on WhatsApp, Signal, and Telegram without using that much resources, meaning hackers can do the same.
Read More : Parler Ban Causes Parlor App Download Surge by 35% in 24 Hours Due to Confused Searchers
Extensive Research Shows Behaviors
For the research, the team queried 100% of all the US mobile phone numbers for Signal and 10% for WhatsApp, allowing them to gather the meta data that these messaging apps commonly acquire from their users, such as their profile pictures, status text, and the last time they were online.
Through the data they gathered, the team also found some rather worrisome behavior from users.
For example, very few of the users change the app's default privacy setting, which isn't private at all, and that 50% of WhatsApp users across the country has a public profile picture, with 90% more with a public "About" text.
What's more, 40% of Signal users are also WhatsApp users and each of them has the same profile picture on both messaging apps.
Attackers can track such data and build accurate models over time that they can use to gain an advantage against the victims.
Telegram Exposes Data?
Meanwhile, the researchers also found that those who are using Telegram has found that its contact discovery service can expose some sensitive information of even owners of the phones whose numbers were not registered in the app.
Those who want to read the full research can check the research entitled "All the Numbers are US: Large-Scale Abuse of Contact Discovery in Mobile Messengers," which is available on PDF.
According to The Independent, a WhatsApp spokesperson, privacy policy changes were "common in the industry" and that users have enough time to review them, plus it's designed to "offer integrations across the Facebook Company Products," including Messenger and Instagram.
Despite that, many are still unsure about the policy change and are planning to move to rival apps.
Related Article : Telegram Uses Coffin Dance Meme to 'Pay Tribute' to WhatsApp's Death of User Privacy
This article is owned by Tech Times
Written by: Nhx Tingson