WhatsApp Bug: Private Photos Displayed Publicly

WhatsApp Bug: Private Photos Displayed Publicly
aalmeidah / Pixabay

Due to a security problem, users’ profile photos can be seen by anyone even if they had been set to private.

17-year-old security researcher Indrajeet Bhuyan discovered the problem, which he says results from the phone app not properly syncing with the recently released web interface. According to Andrew Griffin of The Independent, Bhuyan has previously discovered other issues with WhatsApp, including working out how to make the app crash on Android devices by sending a short message to users.

Play Quizzes 4

A minor privacy issue

In this instance the issue concerns the privacy of profile pictures. Users can set their privacy settings so that their profile photo cannot be viewed by anyone who is not on their contact list, but the bug allows people to see any profile photo they like.

This Fund Manager Correctly Warned Of Stocks Becoming Correlated With Bonds

Getty Images OatlyClint Carlson's Double Black Diamond Fund returned 3.94% for April, bringing its year-to-date return to 5.27%. All of the fund's business units were in the green for April except its event-driven strategy, which declined nine basis points. Year to date, all units except for the event-driven strategy are in the green, with the event-driven book Read More

The new web application also displays photos that the user has previously deleted. The mobile app blurs these photos so that they are no longer visible, but that is not the case on the web version.

“Sure, it’s not the most serious privacy breach that has ever occurred, but that’s missing the point,” wrote security expert Graham Cluley on his blog. “The fact of the matter is that WhatsApp users chose to keep their profile photos private, and their expectation is that WhatsApp will honour their choices and only allow their photos to be viewable by those who the user has approved.”

WhatsApp: Strong security focus

WhatsApp will surely move to fix the bug in order to maintain its good reputation on security. The company recently introduced end-to-end encryption to ensure security and privacy.

Since its release on January 21 the response to the the web client has been mixed. Some users were happy to finally be able to use the app from their PC, but others were left disappointed. The most common complaints arose from its limited functionality and compatibility.

Fixing this minor bug is a small task compared to improving the web client, which is surely a more important issue.

Updated on

While studying economics, Brendan found himself comfortably falling down the rabbit hole of restaurant work, ultimately opening a consulting business and working as a private wine buyer. On a whim, he moved to China, and in his first week following a triumphant pub quiz victory, he found himself bleeding on the floor based on his arrogance. The same man who put him there offered him a job lecturing for the University of Wales in various sister universities throughout the Middle Kingdom. While primarily lecturing in descriptive and comparative statistics, Brendan simultaneously earned an Msc in Banking and International Finance from the University of Wales-Bangor. He's presently doing something he hates, respecting French people. Well, two, his wife and her mother in the lovely town of Antigua, Guatemala. <i>To contact Brendan or give him an exclusive, please contact him at theflask@gmail.com</i>
Previous article Corsair Capital Management Explains Importance Of Good Management
Next article NASA Plans Mission To Europa To Look For Life

No posts to display