A new security bug found in WhatsApp now lets anyone see your profile photo
even if you have set it to ‘Contacts-only’.
A 17-year-old security researcher, Indrajeet Bhuyan, discovered this
problem. The problem occurred due to the new web version. It is said to be a
result of the phone app not being synced properly with the new web
interface.
Basically, people usually prefer to share their profile pictures only with
their contacts, and the security bug makes your private picture available to
strangers.
Bhuyan has also discovered another bug in the web version. The web app shows
photos that have been deleted. On your phone, you will notice that the photos
get blurred once you delete them, but looks like the web saves them
indefinitely.
This also means the web version introduced last month still
doesn’t follow all the security measures taken for the mobile version.
Security expert Graham Cluley said, “Sure, it’s not the
most serious privacy breach that has ever occurred, but that’s missing the
point. The fact of the matter is that WhatsApp users chose to keep their
profile photos private, and their expectation is that WhatsApp will honour
their choices and only allow their photos to be viewable by those who the user
has approved.”
There has been no response from WhatsApp about this security flaw.
No comments:
Post a Comment