logged into whatsapp with a new phone number today and the message history from the previous number's owner was right there?! this doesn't seem right.
— Abby Fuller (@abbyfuller) January 11, 2019
Looks like WhatsApp, one of the world’s most popular messaging apps, is plagued with a nasty bug. If the claims are true, the issue exposes your WhatsApp message history in plain text, meaning anyone who ends up with your number can see it.
So what exactly is the bug?
Well, it all started with a tweet from Amazon employee Abby Fuller today, in which she said that after putting a new SIM into a new phone and logging into WhatsApp, she could see the message history associated with the WhatsApp account of the previous owner of the number.
Yes it was a new device. No it wasn't second hand. It was not a second hand SIM. Yes I'm sure they weren't my messages, or groups that I was added to. Yes they were in plaintext. I am sure it's my phone number. It was not restored from a backup.
— Abby Fuller (@abbyfuller) January 11, 2019
It’s worth mentioning here that the official WhatsApp documentation says information tied to the previous phone number gets completely deleted after 45 days. Here’s how exactly WhatsApp explains it:
Important: Remember to delete your old account. However, if you didn’t delete your account and no longer have access to your old phone, don’t worry. If the new owner of your old number activates WhatsApp on a new phone after 45 days, all of your account information tied to that phone number will be completely deleted.
However, Abby confirmed the number has been hers for more than 45 days:
This number has been mine > 45 days (multiple month). Seems like the messages should have been wiped with the account but weren't (or were resent). Either way, account should have been wiped and was not. https://t.co/XmG1P1zPO2
— Abby Fuller (@abbyfuller) January 11, 2019
Here’s some other valuable information Abby revealed on the matter:
https://twitter.com/abbyfuller/status/1083637518422011904
https://twitter.com/abbyfuller/status/1083636692681089024
Abby said she deleted all the old content from the previous owner. If you take a look at the replies to her tweet, many tech-aware people are acknowledging this is a huge privacy lapse in WhatsApp, especially considering the service offers end-to-end encryption.
(a) yikes that's a bad bug
(b) yiiiiikes the responses in this thread
— Adrienne Porter Felt (@__apf__) January 11, 2019
I discussed Abby’s revelation with my team, and we have some open questions about the whole use case Abby shared. However, one thing is clear: Abby seeing someone else’s messages in plain text when the SIM has been in her name for over 45 days is definitely a bug.
As for our questions, Kingshuk De from our team will add his viewpoint on the matter shortly, so keep checking back on this story for updates (Update: Analysis below).
Our analysis
To start with, there are a couple of unknown parameters involved – the operating system (Android/iOS), the version of the WhatsApp app itself, and the service provider (and thus their policy on reusing a particular number from the pool).
I’ve referred to a couple of peer-reviewed research papers and the series of articles by Vladimir Katalov on the vulnerability analysis of WhatsApp and its encryption infrastructure for chat backups. Vladimir is a well-known security analyst and the CEO of ElcomSoft Co. Ltd., which publishes industry-standard security forensic tools.
Back to the analysis: assuming Abby Fuller encountered some old messages after activating a new WhatsApp account using the number, what would be the source of such messages? Let’s explore all the possibilities:
1. a local backup (internal storage of the phone)
2. a cloud backup (iCloud or Google Drive)
3. sync using WhatsApp’s own servers
We can rule out possibility 1, as according to Abby it’s a new phone and no previous WhatsApp account was ever logged in from it. It is also highly unlikely that the previous owner of the phone number activated their account on this phone while it was still at the factory.
The second possibility is more interesting. Going through this, this and this article, it’s evident that the user’s encryption/decryption key is generated by WhatsApp servers the first time the user makes a backup. The key is never stored in the cloud; it is kept only on the device itself. Quoting Vladimir:
However, it is possible to generate that key based on the user’s WhatsApp ID (their phone number). The newly generated encryption key will exactly match the key that was used to make all of the user’s previous backups in their Google Account; moreover, this very same key will be used for all future WhatsApp backups of that user created in their Google Account. In other words, you just need to generate the key once, and can use it indefinitely to obtain past, present and future backups.
But Abby said no restoration was performed, so stop right there: there’s no need to discuss possible ways of recovering a residue of the previous owner’s key or forging one.
Regarding the third possibility, I want to make sure we’re not dragging in the idea of intentionally implanted backdoors. WhatsApp’s underlying protocol is derived from Signal, and there are peer-reviewed analyses of it (example). It does not keep a copy of the messages anywhere on its servers, which rules out the idea of cloud acquisition.
It is possible, though, that the previous owner deactivated the account, or the account was automatically deactivated, while there were still undelivered messages to it. In WhatsApp’s terminology, those messages show a single tick on the sender’s end. After reactivation using the same number, they were delivered to the new account because the primary identifier is the number itself.
While writing the analysis, Googler Filippo Valsorda actually posted the same explanation:
The only explanation I can think of here is that they were sent *after* the previous owner stopped using it. They stayed with one tick, and got resent when you registered. So it’s not going to happen with any of your messages that you actually received.
— Filippo Valsorda 💉💉 (@FiloSottile) January 11, 2019
Update starts:
Turns out this possibility was already highlighted by The Guardian back in 2017, but a real-life case has now come to light through Abby. Here’s a relevant excerpt from The Guardian’s story (titled WhatsApp design feature means some encrypted messages could be read by third party):
The way WhatsApp implemented the protocol, new keys are generated when – for example – a user gets a new phone or reinstalls the app. Messages for the user which may have been waiting to be delivered while the user was offline are then re-encrypted and resent by the sender automatically, without the sender having had an opportunity to verify that the recipient is the person intended to receive the message. A sender is notified after the event if the sender has opted to turn on a notification in settings, but not otherwise.
It’s worth mentioning that the original article (linked above) had various inaccuracies, so the story was edited following a review. You can head here to know more on those inaccuracies.
Update ends:
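The resend behaviour described in the analysis above and in The Guardian excerpt, as an added toy model that is not WhatsApp’s, Signal’s or ElcomSoft’s code: the server stores only ciphertext and never plaintext, a message left at a single tick is re-encrypted by the sender’s client for whatever identity key is now registered to the number, and the alternative of holding the message until the sender verifies the key change is shown beside it. The phone number, the key labels and the `encrypt`/`decrypt` tags are constructed stand-ins; a real client uses the Signal double ratchet.

```python
# Toy stand-in for end-to-end encryption: the model only needs "readable solely with
# the matching identity key", which the key tag below enforces.
def encrypt(plaintext, key):
    return f"{key}:{plaintext}"

def decrypt(ciphertext, key):
    tag, _, plaintext = ciphertext.partition(":")
    return plaintext if tag == key else None

class Server:
    """Phone-number registry plus a queue of undelivered ciphertexts; stores no plaintext."""
    def __init__(self):
        self.keys, self.queue, self.epoch = {}, {}, 0
    def register(self, number):
        self.epoch += 1
        self.keys[number] = f"k{self.epoch}"   # fresh identity key on every activation
        return self.keys[number]
    def enqueue(self, number, ciphertext):
        self.queue.setdefault(number, []).append(ciphertext)
    def deliver(self, number, key):
        """Plaintexts the holder of `key` can read; ciphertexts for an old key are useless."""
        msgs = [decrypt(c, key) for c in self.queue.pop(number, [])]
        return [m for m in msgs if m is not None]

class SenderClient:
    def __init__(self, server, auto_resend):
        self.server, self.auto_resend = server, auto_resend
        self.one_tick = []   # sent, not yet acknowledged by the recipient (single tick)
        self.held = []       # blocked until the user verifies the changed safety number
    def send(self, number, text):
        self.one_tick.append((number, text))
        self.server.enqueue(number, encrypt(text, self.server.keys[number]))
    def on_key_changed(self, number, new_key):
        pending = [t for n, t in self.one_tick if n == number]
        self.one_tick = [(n, t) for n, t in self.one_tick if n != number]
        if self.auto_resend:   # behaviour described in the article: re-encrypt and resend
            for t in pending:
                self.server.enqueue(number, encrypt(t, new_key))
        else:                  # mitigation: hold the message and warn the sender instead
            self.held.extend(pending)

def scenario(auto_resend):
    """A message is left undelivered, then the number is recycled and re-registered."""
    srv, number = Server(), "+15550001"        # constructed sample number
    srv.register(number)                       # previous owner's activation
    alice = SenderClient(srv, auto_resend)
    alice.send(number, "see you at 9")         # never fetched: stays at one tick
    new_key = srv.register(number)             # new owner activates: fresh identity key
    alice.on_key_changed(number, new_key)      # server tells the sender the key changed
    return srv.deliver(number, new_key), alice.held
```

`scenario(True)` hands the old message to the new owner of the number; `scenario(False)` delivers nothing readable and leaves the message held at the sender.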
Any other take from you guys? We will try to contact Abby Fuller and update the article if there is anything new on the matter. Stay tuned!