{"id":164783,"date":"2021-01-28T05:50:35","date_gmt":"2021-01-28T02:50:35","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/pardon-the-intrusion-35-whatsapps-messaging-mess\/"},"modified":"2021-01-28T05:50:35","modified_gmt":"2021-01-28T02:50:35","slug":"pardon-the-intrusion-35-whatsapps-messaging-mess","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/pardon-the-intrusion-35-whatsapps-messaging-mess\/","title":{"rendered":"#Pardon the Intrusion #35: WhatsApp\u2019s Messaging Mess"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a2739348b229\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a2739348b229\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/pardon-the-intrusion-35-whatsapps-messaging-mess\/#Whats_trending_in_security\" >What\u2019s trending in security?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/pardon-the-intrusion-35-whatsapps-messaging-mess\/#Data_Point\" >Data Point<\/a><\/li><\/ul><\/nav><\/div>\n<p>&#8220;<strong>#Pardon the Intrusion #35: <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">WhatsApp<\/a>\u2019s Messaging Mess<\/strong>&#8221;<\/p>\n<div>\n                            <strong><em>Subscribe to this bi-weekly <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">news<\/a>letter <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/tnw.to\/newsletter\">here<\/a>!<\/em><\/strong><\/p>\n<p><span>Welcome to the latest edition of Pardon The Intrusion, TNW\u2019s <\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/thenextweb.us1.list-manage.com\/track\/click?u=22ec88eb9b9d8bc3bcf660787&amp;id=37136e54f1&amp;e=0e200ae170\">bi-weekly newsletter<\/a> in which we explore the wild world of security.<\/p>\n<p><span>Well, that escalated quickly.<\/span><\/p>\n<p><span>After alerting users of a change in privacy policy earlier this month and kicking up a storm, <\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/thehackernews.com\/2021\/01\/whatsapp-delays-controversial-data.html\">WhatsApp has backed down<\/a><span>\u2014 for now.<\/span><\/p>\n<p><span>The <\/span>in-app alert<span> on January 6 urged users to agree to the new terms and conditions that grants the app the right to share with Facebook some personal data about them, such as their phone number and location. Users failing to agree to the revised policy by February 8 were cautioned they would completely lose access to the service.<\/span><\/p>\n<p><span>The announcement ended up creating so much confusion about the data-sharing arrangement that <\/span>WhatsApp has decided to postpone<span> the enforcement until May 15, a three month delay which it hopes will \u201cclear up the misinformation.\u201d<\/span><\/p>\n<figure class=\"post-image post-mediaBleed aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter lazy\" width=\"480\" height=\"270\" data-file-id=\"60206\" src=\"https:\/\/mcusercontent.com\/22ec88eb9b9d8bc3bcf660787\/images\/ec4849b4-f6e8-4bbb-990f-3334c5129347.gif\" data-lazy=\"true\"\/><\/figure>\n<p><span>The Facebook-owned company has since clarified that the update does not expand its ability to share personal user chats or other profile information with Facebook and is instead simply providing further transparency about how user data is collected and shared when using the messaging app to interact with businesses.<\/span><\/p>\n<p><span>Whether intentional or not, this \u2018all-or-nothing\u2019 approach backfired, leading to a <\/span>surge in sign-ups<span> for rival messaging apps such as Signal and Telegram.<\/span><\/p>\n<p><span>Dealing yet another blow to WhatsApp, India\u2019s <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/technology\/\" data-internallinksmanager029f6b8e52c=\"4\" title=\"Technology\" target=\"_blank\" rel=\"noopener\">technology<\/a> ministry asked Facebook to <\/span>withdraw<span> the update, saying \u201cthe proposed changes raise grave concerns regarding the implications for the choice and autonomy of Indian citizens.\u201d<\/span><\/p>\n<p><span>With more than 400 million active users, India is WhatsApp\u2019s largest market.<\/span><\/p>\n<p><span>If anything, the development only serves to highlight the urgent need for more countries to pass European GDPR-like data protection regulations that explicitly spell out how data of users are collected, processed, and shared with other parties.<\/span><\/p>\n<h3 class=\"h2 mso-font\"><span class=\"ez-toc-section\" id=\"Whats_trending_in_security\"><\/span><span>What\u2019s trending in security?<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span>Google researchers detailed a <\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/googleprojectzero.blogspot.com\/2021\/01\/introducing-in-wild-series.html\">sophisticated hacking operation<\/a><span> that exploited vulnerabilities in Chrome and Windows to install malware on Android and Windows devices, a Muslim prayer app called Salaat First was found <\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.vice.com\/en\/article\/xgz4n3\/muslim-app-location-data-salaat-first\">selling location data<\/a><span>to Predicio, and Amazon-owned Ring begins testing end-to-end video encryption.<\/span><\/p>\n<ul>\n<li>\n<span>Internet of Things or <\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/internetofshit\">Internet of Shit<\/a><span>? A hacker locked internet-connected chastity cages manufactured by Qiui and demanded ransom from its users. [<\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.vice.com\/en\/article\/m7apnn\/your-cock-is-mine-now-hacker-locks-internet-connected-chastity-cage-demands-ransom\">Vice Motherboard<\/a><span>]<\/span>\n<\/li>\n<li>\n<span>Google researchers detailed a sophisticated hacking operation that exploited vulnerabilities in Chrome and Windows to install malware on Android and Windows devices. They were all addressed as of April 2020. [<\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/googleprojectzero.blogspot.com\/2021\/01\/introducing-in-wild-series.html\">Google Project Zero<\/a><span>]<\/span>\n<\/li>\n<li>\n<span>Whistleblower site DDoSecrets \u201chas made available about 1 terabyte of that data, including more than 750,000 emails, photos, and documents from five companies.\u201d The corporate information was amassed from dark web sites after ransomware operators leaked them. [<\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.wired.com\/story\/ddosecrets-ransomware-leaks\/\">WIRED<\/a><span>]<\/span>\n<\/li>\n<li>\n<span>Android and iOS don\u2019t extend encryption protections as far as they could, allowing for potentially unnecessary security vulnerabilities, according to researchers at Johns Hopkins University. [<\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.wired.com\/story\/smartphone-encryption-law-enforcement-tools\/\">WIRED<\/a><span> \/ <\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/securephones.io\/\">Data Security on Mobile Devices<\/a><span>]<\/span>\n<\/li>\n<\/ul>\n<figure class=\"post-image post-mediaBleed aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter lazy\" width=\"480\" height=\"293\" data-file-id=\"60190\" src=\"https:\/\/mcusercontent.com\/22ec88eb9b9d8bc3bcf660787\/images\/d295be57-de99-4a65-9b64-c121447d5056.gif\" data-lazy=\"true\"\/><\/figure>\n<ul>\n<li>\n<span>While Amazon-owned Ring is testing end-to-end video encryption, it also fixed a security flaw in its Neighbors app that exposed the precise locations and home addresses of users who had posted to the app. [<\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/techcrunch.com\/2021\/01\/14\/ring-neighbors-exposed-locations-addresses\/\">TechCrunch<\/a><span>]<\/span>\n<\/li>\n<li>\n<span>A popular Muslim prayer app called Salaat First has been found to sell location data to Predicio, which is linked to a US contractor which works with the Immigration and Customs Enforcement (ICE). The incident highlights how apps not only harvest location data, but also the ease with which this information is traded in the location data industry. [<\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.vice.com\/en\/article\/xgz4n3\/muslim-app-location-data-salaat-first\">Vice Motherboard<\/a><span>]<\/span>\n<\/li>\n<li>\n<span>Before Parler got shut of out of all platforms, it emerged that a hacker had managed to <\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/techcrunch.com\/2021\/01\/11\/scraped-parler-data-is-a-metadata-goldmine\">scrape 99% of the posts<\/a><span> from the \u201cfree speech\u201d social network. But how did she do it? It all came down to \u201cabysmal coding and security\u201d practices. [<\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/arstechnica.com\/information-technology\/2021\/01\/parlers-amateur-coding-could-come-back-to-haunt-capitol-hill-rioters\/\">Ars Technica<\/a><span> \/ <\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.wired.com\/story\/parler-hack-data-public-posts-images-video\/\">WIRED<\/a><span>]<\/span>\n<\/li>\n<li>\n<span>Microsoft says it\u2019s planning to fix a bizarre Windows 10 bug that could corrupt a hard drive just by encountering an icon. [<\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/windows-10-bug-corrupts-your-hard-drive-on-seeing-this-files-icon\/\">Bleeping Computer<\/a><span>]<\/span>\n<\/li>\n<\/ul>\n<figure class=\"post-image post-mediaBleed aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter lazy\" width=\"480\" height=\"293\" data-file-id=\"60194\" src=\"https:\/\/mcusercontent.com\/22ec88eb9b9d8bc3bcf660787\/images\/8d8d40db-53c5-4745-815c-f208aec97c94.gif\" data-lazy=\"true\"\/><\/figure>\n<ul>\n<li>\n<span>The operators of the Ryuk ransomware are believed to have earned more than $150 million worth of Bitcoin from ransom payments by hacking companies all over the world. The payments were made from 61 deposit addresses. [<\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.advanced-intel.com\/post\/crime-laundering-primer-inside-ryuk-crime-crypto-ledger-risky-asian-crypto-traders\">Advanced Intelligence<\/a><span>]<\/span>\n<\/li>\n<li>\n<span>Personal information of Americans sell on dark web marketplaces for the cheapest prices ($8 per record), per an analysis of stolen information across 40 different dark web marketplaces. Japan and the UAE have the most expensive identities at an average of $25. [<\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.comparitech.com\/blog\/vpn-privacy\/dark-web-prices\/\">Comparitech<\/a><span>]<\/span>\n<\/li>\n<li>\n<span>The past fortnight in data breaches, leaks, and ransomware: <\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.ema.europa.eu\/en\/news\/cyberattack-ema-update-4\">European Medicines Agency<\/a><span>, <\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hacker-leaks-full-database-of-77-million-nitro-pdf-user-records\/\">Nitro PDF<\/a><span>, <\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hacker-posts-19-million-pixlr-user-records-for-free-on-forum\/\">Pixlr<\/a><span>, <\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/scotland-environmental-regulator-hit-by-ongoing-ransomware-attack\/\">Scottish Environment Protection Agency<\/a><span>, <\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/krebsonsecurity.com\/2021\/01\/ubiquiti-change-your-password-enable-2fa\/\">Ubiquiti<\/a><span>, and the <\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/threatpost.com\/hackers-breach-un-access-records\/162944\/\">United Nations<\/a><span>.<\/span>\n<\/li>\n<\/ul>\n<h3 class=\"h2 mso-font\"><span class=\"ez-toc-section\" id=\"Data_Point\"><\/span>Data Point<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span>Ransomware is now responsible for <\/span><strong>46%<\/strong><span> of healthcare data breaches, a new research from <\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.tenable.com\/blog\/tldr-the-tenable-research-2020-threat-landscape-retrospective\">Tenable<\/a><span> has found. What\u2019s more, over <\/span><strong>35%<\/strong><span> of all breaches are linked to ransomware attacks, often at a financial cost.<\/span><\/p>\n<p><span>According to cybersecurity company Emsisoft\u2019s \u2018<\/span><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/blog.emsisoft.com\/en\/37314\/the-state-of-ransomware-in-the-us-report-and-statistics-2020\/\">State of Ransomware<\/a><span>\u2018 report, in 2020 alone, <\/span><strong>113<\/strong><span> federal, state and municipal governments and agencies, <\/span><strong>560<\/strong><span> healthcare facilities, and <\/span><strong>1,681<\/strong><span> schools, colleges and universities were impacted.<\/span><\/p>\n<p><span>\u201cWhile organizations can never completely eliminate the possibility of human error, they can design their networks in such a way that they do not collapse like houses of cards when those errors occur,\u201d Emsisoft researchers said.<\/span><\/p>\n<\/p><\/div>\n<p><script async src=\"\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/thenextweb.com\/newsletter\/2021\/01\/28\/pardon-the-intrusion-35-whatsapps-messaging-mess\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;#Pardon the Intrusion #35: WhatsApp\u2019s Messaging Mess&#8221; Subscribe to this bi-weekly newsletter here! Welcome to the latest edition of Pardon The Intrusion, TNW\u2019s bi-weekly newsletter in which we explore the wild world of security. Well, that escalated quickly. After alerting users of a change in privacy policy earlier this month and kicking up a storm,&#8230;<\/p>\n","protected":false},"author":1,"featured_media":164784,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/img-cdn.tnwcdn.com\/image\/tnw?filter_last=1&fit=1280,640&url=https:\/\/cdn0.tnwcdn.com\/wp-content\/blogs.dir\/1\/files\/2019\/09\/ptl-newsletter-hed.png&signature=c4f12fef9a1a81c9ecf46fee2ba1a103","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[76419,5056,73239,72287,90583,70759,72047],"class_list":["post-164783","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","tag-telegram","tag-encryption","tag-newsletter","tag-security","tag-signal","tag-tech","tag-whatsapp"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/164783","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=164783"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/164783\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/164784"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=164783"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=164783"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=164783"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}