Is someone about to hack your smartphone?
Is someone about to hack your smartphone?
Benedikt Fuest

For months, free smartphone instant messaging service WhatsApp has been topping the download charts. It is a favorite application for both iPhone and Android users. To the annoyance of cell phone providers, WhatsApp has become a kind of quasi replacement for the old fee-based SMS. According to WhatsApp developers, their servers handle over 10 billion messages per day.

However the service, which is run by small San Francisco start-up WhatsApp Inc., is neither as secure nor as failure-resistant as one would expect from a market leader. In his blog British web developer Sam Granger writes that any relatively ambitious hacker could get into WhatsApp accounts without a problem, either to intercept messages or send messages from their victim’s account.

This is because WhatsApp is set up to make the service friendly to new users who don’t have to provide their own combination of user name and password – they just use the existing info relating to their phone as login data. Telephone numbers are simply and clearly the basis for user names, and WhatsApp passwords -- at least on Android phones -- are clearly based on a phone’s IMEI serial number.

Granger discovered that to generate a password out of the IMEI number the app just changes the order of the digits – “your password is likely to be an inverse of your phones IMEI number with an MD5 cryptographic hash thrown on top of it.” What that means is that anybody who knows a phone’s IMEI number can figure out the password.

Many apps use IMEI numbers to identify phones, and any installed program can access that information and pass it on to an external database. In the event that what happened to iPhone this week (a hacker group released one million Apple UDIDs) happens to WhatsApp, and a database generated from the phone serial numbers were to be made public, WhatsApp user accounts would be compromised and become targets for spammers. Not that hackers have lost any time -- on gray market sites, databases of Android phone serial numbers and corresponding cell phone numbers are sold under the keyword WhatsApp.

WhatsApp has been criticized many times for its security loopholes. Until recently the app carried unencrypted messages through the net, and a simple program made it possible for them to be accessed from a Wi-Fi network. The app also stores message history unencrypted on the SD memory card of Android phones.

Another issue is that WhatsApp can be completely cut off from the mobile phone network. As this article goes to print, T-Mobile users cannot access WhatsApp after a T-Mobile update blocked the relevant network port. T-Mobile says this was accidental and service would be resumed as fast as possible.

You've reached your monthly limit of free articles.
To read the full article, please subscribe.
Get unlimited access. Support Worldcrunch's unique mission:
  • Exclusive coverage from the world's top sources, in English for the first time.
  • Stories from the best international journalists.
  • Insights from the widest range of perspectives, languages and countries
Already a subscriber? Log in
Support Worldcrunch
We are grateful for reader support to continue our unique mission of delivering in English the best international journalism, regardless of language or geography. Click here to contribute whatever you can. Merci!
Society

Teachers v. Parents: The End Of Tunisia's "Golden Age" Of Education

Violence against teachers, poorly received educational reforms, conflicts with parents: In Tunisia, the entire education sector is in crisis.

In a Koranic school in Kasserine

Frida Dahmani

TUNIS — In Sousse, a city in eastern Tunisia, students tried to burn down their school with Molotov cocktails. In Mahdia, a coastal city, an English teacher was dragged before the courts after having given an F to a student. In Ezzahra, in the southern suburbs of Tunis, a student stabbed his history and geography teacher after not being allowed to retake an exam for which he had been absent without an excuse. Another student exhibited female underwear in class to make his classmates laugh.

Keep reading... Show less
Support Worldcrunch
We are grateful for reader support to continue our unique mission of delivering in English the best international journalism, regardless of language or geography. Click here to contribute whatever you can. Merci!
You've reached your monthly limit of free articles.
To read the full article, please subscribe.
Get unlimited access. Support Worldcrunch's unique mission:
  • Exclusive coverage from the world's top sources, in English for the first time.
  • Stories from the best international journalists.
  • Insights from the widest range of perspectives, languages and countries
Already a subscriber? Log in
THE LATEST
FOCUS
TRENDING TOPICS
MOST READ