Security experts are warning users of some flaw in Whatsapp configuration that could expose your Whatsapp conversation to hackers. The warning came after Amnesty international endorse Whatsapp as the most secured platform to chat with.
Few security experts have disagreed with this decision from Amnesty International, and one of such disagreement is coming from Electronic Frontier Foundation (EFF), an organization dubbed the most biggest technology in the world, due to how transparent and protective it is of their users.
Though Whatsapp uses an end- to-end encryption services for its 1 Billion users worldwide. The encryption allows that your texts, images, PDFs will be scrambled and cannot be deciphered either by hackers or government agencies.
However, the EFF has warned users to be careful about how users use sensitive information, because they might be read by someone else because of Whatapp unencrypted backups.
While your messages are well encrypted when using the app, the company did not encrypt the backups they make for your conversations. As a user of the app, when you lost your phone stolen, you will realize when you login on Whatsapp, your backup information is restored.
That means that your information could be stored in the cloud which might not be encrypted, and cybercriminals could break into it and read whatever you have on your cloud backup.
In a blogpost by EFF;
In order to back messages up in a way that makes them restorable without a passphrase in the future, these backups need to be stored unencrypted at rest.
Upon first install, WhatsApp prompts you to choose how often you wish to backup your messages: daily, weekly, monthly, or never.
In [our Surveillance Self Defense guide], we have advised users to never back up their messages to the cloud, since that would deliver unencrypted copies of your message log to the cloud provider.
In order for your communications to be truly secure, any contact you chat with must do the same.