The Encrypted Messaging Apps Are Not So Safe And Its Not Their Fault

Right from the moment Wikileaks leaked the data which reveals the true capabilities of CIA, people are urging each other to uninstall the messaging and social networking apps, as CIA can crack the encrypt the messages sent by these apps. The main problem here is not with the apps, but with the operating system itself.

People started worrying about their privacy but there are no indications that the CIA has done anything illegal with their power, they just happened to notice a few zero-day vulnerabilities in the giant companies and did not take the responsibility to share the information with the respective companies, potentially putting millions of users at risk.

Then, there is another fact that that, the CIA has developed a malware which can bypass the encryption layers used by the popular messaging and social networking apps like, Signal, Telegram, WhatsApp and so on. This is actually not the fault of the apps, since the CIA has based its malware on the Android and iOS, zero-day bugs which they found but choose not to tell Google or Apple about it.

When the operating system itself is attacked, there is very little that an app can do to protect the user any further. Since the app itself is made to fit with the operating system. The app depends on it to function properly. Once you have received a message, the app will do what it is supposed to do- decrypt the message. But, if the operating system is compromised by a malware like the one built by the CIA, you can easily give-up on that data since it is no longer protected.

Even regular hackers can compromise your device without that much trouble as bypassing app encryption settings. If, for instance, you tap a link you shouldn’t, download a malicious file which then triggers a malware to be downloaded to your device, you can be just as vulnerable.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Glove Stealer Emerges A New Malware Threat For Browsers

ANY.RUN Discovers Tricky Phishing Attack Using Fake CAPTCHA