Forums
Main Category
General (Technical,...
Whatsapp fake encry...
 
Notifications
Clear all

Whatsapp fake encryption

 
Page 1 / 2
General (Technical, Procedural, Software, Hardware etc.)
Last Post by droopy 9 years ago
18 Posts
5 Users
0 Reactions
2,568 Views
RSS
 droopy
(@droopy)
Estimable Member
Joined: 11 years ago
Posts: 136
Topic starter 16/05/2016 6:39 pm  

I have posted 3 months ago the same information which is now public
http//www.engadget.com/2016/05/15/john-mcafee-claims-to-crack-whatsapp-messages

People here seems do not believe in magic )


   
Quote
Chris_Ed
 Chris_Ed
(@chris_ed)
Reputable Member
Joined: 16 years ago
Posts: 314
16/05/2016 8:24 pm  

There are two sides to every story. I wonder which will turn out to be true?

Edit; Oh and please note that McAfee is not stating that WhatsApp encryption is "fake"; he is instead stating that there is a flaw with Android which may result in malicious actors being able to snoop on your activity.


   
ReplyQuote
 droopy
(@droopy)
Estimable Member
Joined: 11 years ago
Posts: 136
Topic starter 16/05/2016 8:40 pm  

John information is real.
Even i could post the full code of whatsapp and show exact parts of the weak and backdoor, but not sure due to legal regulations.

For example, i could manage to record a whatsapp call.
it generated 4 files, one IN communication and OUT, splitted on my sdcard.
I could trigger them REMOTE, without touching my phone.

So come on whatsapp, moxie and those fake coders.

There are many other PUBLIC information related to weak implementation of whatsapp such as https://www.ptsecurity.com/wwa/news/57894/


   
ReplyQuote
jaclaz
 jaclaz
(@jaclaz)
Illustrious Member
Joined: 18 years ago
Posts: 5133
17/05/2016 1:45 am  

There are many other PUBLIC information related to weak implementation of whatsapp such as https://www.ptsecurity.com/wwa/news/57894/

Well, that seems like nothing really connected specifically with whatsapp, it is about a "generic" SS7 vulnerability, not really "news", and not really "secret"
https://www.washingtonpost.com/news/the-switch/wp/2014/12/18/german-researchers-discover-a-flaw-that-could-let-anyone-listen-to-your-cell-calls-and-read-your-texts/

jaclaz


   
ReplyQuote
 droopy
(@droopy)
Estimable Member
Joined: 11 years ago
Posts: 136
Topic starter 17/05/2016 3:46 am  

There are many other PUBLIC information related to weak implementation of whatsapp such as https://www.ptsecurity.com/wwa/news/57894/

Well, that seems like nothing really connected specifically with whatsapp, it is about a "generic" SS7 vulnerability, not really "news", and not really "secret"
https://www.washingtonpost.com/news/the-switch/wp/2014/12/18/german-researchers-discover-a-flaw-that-could-let-anyone-listen-to-your-cell-calls-and-read-your-texts/

jaclaz

Thats why i put "PUBLIC" and "OTHERS" method.
Hope you are smart to understand english language )
Else, take an english course
Similar to this one http//www.hackingarticles.in/hack-anyones-whatsapp-qr-codeworking/?utm_source=my_robot&utm_medium=twitter


   
ReplyQuote
Chris_Ed
 Chris_Ed
(@chris_ed)
Reputable Member
Joined: 16 years ago
Posts: 314
17/05/2016 1:07 pm  

The subsequent article you posted also does not suggest that WhatsApp encryption is 'fake'. Anything else?


   
ReplyQuote
SamBrown
 SamBrown
(@sambrown)
Trusted Member
Joined: 11 years ago
Posts: 97
17/05/2016 4:27 pm  

Are you guys talking about the encryption of the backup files or the encryption which secures the transport of the messages?


   
ReplyQuote
jaclaz
 jaclaz
(@jaclaz)
Illustrious Member
Joined: 18 years ago
Posts: 5133
17/05/2016 4:40 pm  

Hope you are smart to understand english language )
Else, take an english course

I cannot right now, my teacher should be busy next few years teaching you some politeness and courtesy 😯 (besides English grammar) , though he seems like being not particularly optimistic about having you learn anything on the matter (.

Similar to this one http//www.hackingarticles.in/hack-anyones-whatsapp-qr-codeworking/

… which is about a phishing tool
https://github.com/Mawalu/whatsapp-phishing
capable - if you succeed to lure the user into running it - to let you impersonate the user.
It is a hack, nothing actually encryption related, and again nothing really "new", original blog post is August 2015
http//blog.mawalabs.de/whatsapp-phishing/

jaclaz


   
ReplyQuote
 droopy
(@droopy)
Estimable Member
Joined: 11 years ago
Posts: 136
Topic starter 17/05/2016 8:35 pm  

The pages i listed are "OTHER" or demos of weak implementation of whatsapp.

The encryption part i could decoded as i reverse the full source code of whatsapp to PLAIN CODE, readable java code, where i could locate exploits, bugs (many) and weak implementation. As you know this is NOT public. And i am not sure due to legal regulations to post it, i could post you snippets or something but not full code.

I told you , i could trigger call recording (4 files are saved to sdcard with the audio of both parts perfect at 100% quality), i could move encrypted chats to unencrypted chats on sdcard (NO ROOT REQUIRED wowowow), remove and disable ALL whatsapp encryption REMOTE just by editing 1 byte, etc, etc.

All is done in MAIN.java of whatsapp where the "clever" whatsapp coder put options ON OFF for each feature, and server could ACTIVATE or deactivate them REMOTE when whatsapp people want.

So, you want more information? do i need to post code?
Come on…..

Whatsapp, signal and ALL softwares are NON secure, crap in the encryption scene.


   
ReplyQuote
jaclaz
 jaclaz
(@jaclaz)
Illustrious Member
Joined: 18 years ago
Posts: 5133
17/05/2016 10:51 pm  

The encryption part i could decoded as i reverse the full source code of whatsapp to PLAIN CODE, readable java code, where i could locate exploits, bugs (many) and weak implementation.

… all these years believing that "source code" was already "plain code" (and could be read fine) and what was reversed was "compiled code" … ?

jaclaz


   
ReplyQuote
Page 1 / 2
Forum Jump:
  Previous Topic
Next Topic  
Share: