1. Engineers
    “We are creating a common platform for every engineer in the world"
    Are you a part of it yet?

    Start Now - It's FREE
    Dismiss Notice

WhatsApp Exploit Could Be Used To Monitor Your Sleep Patterns & People You Are Chatting With

By Satya Swaroop Dash in 'Computer Science | IT | Networking', Oct 11, 2017.

  1. Satya Swaroop Dash

    Engineering Discipline:
    Computer Science
    WhatsApp, which started as your go-to instant messaging solution and was later turned into a message forwarding machine by your uncle has come under some scrutiny from a software engineer called Robert Heaton. Robert Heaton has managed to uncover a flaw in the working of WhatsApp that can be used to monitor activity of another user. Before you get too worked up about this flaw and start panicking about your shady activity on WhatsApp we would like to inform you that your chats remain safe as WhatsApp still employs end-to-end encryption. The only details about your WhatsApp activity that this flaw can reveal is how much time you remain online on WhatsApp thereby tracking your sleep patterns and by tracking more than one of your friends figure out your frequency of communication with them.

    WhatsApp.jpg

    We do not think that this flaw has yet been exploited by hackers because Robert Heaton presents us with an imaginary scenario where someone might create a rogue Chrome extension that monitors your online activity via WhatsApp web. In a detailed yet story-like blog post, he tells us about him creating a simple Chrome extension using just four lines of JavaScript. The flaw that he points out in the working of WhatsApp is that while you can hide your “Last Seen” status you can never hide the fact that you are online. Someone could use this information to keep a log of your online status to find out about your sleep patterns by noting the time you are offline. In the picture below Robert shows us that you can find the results from the Chrome extension and map them out on a graph to find someone’s sleep patterns.

    WhatsApp Exploit 1.jpg

    While this exploit of monitoring your online status on Facebook Messenger and Tinder have already been pointed out, this is the first time someone took the same idea and applied it to WhatsApp. The next part of this exploit starts by monitoring the online status of more than two people. Once you correlate the online patterns of two persons you can make a guess of the regarding the frequency of communication between the two persons. For example of person A is remaining online in the same period as person B for more than a few times in a week you can find speculate that they are talking to each other during the overlap of them being online. Here you can see how one can graph online activity of two persons and correlate them.

    WhatsApp Exploit 2.jpg

    Finally Robert Heaton ends the tale by saying that a web analytics company can build tools which monitors WhatsApp activity of people and send the results to credit card companies or health insurance companies and make a profit off that. Here is why this exploit is not that scary. First no one has actually built a tool to put this exploit into use and second since this has been put on the internet WhatsApp may try to mask your online status from extensions on Chrome.

    Source: Robert Heaton via The Next Web
     
    • Like Like x 1
    1. Satya Swaroop Dash

      Engineering Discipline:
      Computer Science
      This exploit is nothing new and numerous messaging services and social networking websites rely on your online status. While on Facebook (Web) you can remain as offline and still chat with your friends, on WhatsApp the moment you view a message in the app it shows your online status. The only thing that WhatsApp can do here is put out an option where people who aren’t in your contact list cannot view your online status. This would help maintain your online status privacy.
       
    2. Kaustubh Katdare

      Administrator

      Engineering Discipline:
      Electrical
      I recall there was an app that monitored your tweets to find out what are the times that you use the service the most, what time you sleep and what are your favorite topics. An 18 year old from my city had developed it in his part time and even sold it online for $5k.

      Let 5G be a reality and we'll have sensors defining our behavior.
       
    Tags: