Private-Mail Blog

WhatsApp has been in the news a lot lately – especially since it was discovered that Saudi Crown Prince Mohammed bin Salman utilized WhatsApp to hack Amazon founder Jeff Bezos’s phone. This highly publicized hack has brought the security of WhatsApp into the current conversation, with many security experts and competing messaging services weighing in on recent events. Telegram founder Pavel Durov has a lot to say on the matter, and he seems to be onto something.

WhatsApp Users Have Been In Trouble Before

While the Bezos and Bin Salman incident was highly publicized, it’s certainly not the first of its kind. While both people involved in this particular incident are among the highest of high profile individuals, scams and hacks take place via WhatsApp to regular folks on a regular basis. Scammers and phishers have used WhatsApp to extort money from users or collect passwords from them under the guise of anonymity. WhatsApp has made numerous false promises regarding privacy improvements and encryption, but none of them have come to pass.

Telegram Founder’s Thoughts and Feelings

Pavel Durov, Telegram’s founder, has been vocally opposing and criticizing WhatsApp for quite some time – even more so since the major incident. As the founder of a chat app, Durov is familiar with security practices and the purpose (or dangers) of backdoors. WhatsApp is owned by Facebook, and in the wake of recent discoveries, Facebook has decided to blame iOS for the flaw responsible for allowing the hack to play out on Bezos’s iPhone.

Durov isn’t here for any of it. He claims that Facebook is wrongfully forcing blame onto another company in an attempt to escape countability. Durov feels that Facebook needs to step up and own some of the fundamental flaws with the app. He shifts the blame right back to WhatsApp, claiming that chat backups on iCloud are the problem. By using their own infrastructure, WhatsApp can provide more secure storage of messages.

Durov has also criticized the fact that WhatsApp’s source code is not available to the public. Making this code available would give users and developers a better idea of the kind of encryption utilized by WhatsApp, allowing professionals to better assess its suitability and efficiency. Durov seems to imply that by hiding the source code (and it’s worth noting that Telegram’s is available), the messaging service may also be hiding more glaring issues.

The Placement of the Backdoors

Durov’s experience as a chat app owner has taught him many things. He blames the security issues on deliberately placed backdoors. It’s not unusual for law enforcement agencies to request backdoors or special access, specifically as it pertains to solving crimes. In some countries with heavy internet censorship, such as Russia and Iran, these backdoors are a prerequisite for an app to be sold. Failure to comply will remove the app from the local market.

Durov refused to comply, making Telegram inaccessible in certain countries. Since WhatsApp is available across most of the globe, it goes without saying that they complied with requests from these governments. These backdoors in and of themselves are security flaws that can make the app more vulnerable – if governments can use them, so can hackers.

How to Keep Your Communications Secure

Heavily encrypted messaging without any backdoors is hard to come by. PrivateMail is proud to offer exactly that. OpenPGP encrypted emails and paranoid encrypted cloud service for attachments means that no one except the sender and the recipient will ever be aware of the content being sent or received. If you’re looking to avoid security flaws in your messaging, we’re everything you need.