While WhatsApp seems to be one of the most important messaging applications safe thanks to its inclusion encryption, the user showed surprised in contact with a fail which allowed him to access the full history of another person's talks, and will have to check if this situation could be repeated.
Abby FullerThe Amazon developer discovered that by entering WhatsApp with a new phone number, the application retrieved conversations from previous user This number, which the telephone company had previously allocated to someone else, is common practice in companies.
Fuller noted that the iPhone he had registered was newthat SIM it has never been used beforethat the conversations were not encrypted and that they were not restored from iCloud or Google Drive.
"I entered WhatsApp with a new phone number today and news history there was the owner of the previous number. That's it it doesn't seem right"Fuller wrote on Twitter.
Abby Fuller tweet a detailed security flaw.
"And now I wonder: How many times has it happened? Anyone with my old number now has MY WhatsApp history? He asked.
"Yes, It was a new device. No, it wasn't used. It wasn't a SIM card. Yes I'm sure it wasn't my reportor the groups they added to me. Yes, they were in plain text. I'm sure it's my phone number. They were not restored from the backup, ”the user explained.
This failure, if it happened again, would be a serious inconvenience users, given that anyone who is already using the number already used can access old conversationsmay contain sensitive material.
It can even be used spy on active user conversationswhen to steal or clone phone number from another device.
Although WhatsApp has not issued any kind comments In this regard, experts point out that the best is activate the login in two steps to protect more privacy.
How to activate the login in two steps
To activate a higher level security on WhatsApp you have to enter Settings menu pressing three points in the upper right corner.
WhatsApp menu for two-step testing
When you are there, you enter "Account"and then on "Two-step verification".
The system will force us we will register a six-digit PIN code, and that we will attach an account with an email address if we forget the password.