WhatsApp will also create simple passwords on iOS
The popular SMS replacement WhatsApp is also iOS generate the password used to log in a very primitive way: According to the Italian blog Ezio Amodio here simply takes the client's MAC address of the WLAN interface twice and generates an MD5 hash: md5 (AA: BB: CC: DD: EE: FFAA: BB: CC: DD: EE: FF).
Demonstrate this should extract from the disassembled code of the iPhone app. Should the allegations prove true, this would be a major security issue: To authenticate WhatsApp uses namely only the phone number of the user and the automatically generated password. If you use the app about the hotspot, the other wireless users easily read along this information - and so could potentially take over the account permanently.
The MAC address is already in the public network and the phone number is - despite the recent introduction of message encryption - in clear text in the broadcast news as a test by heise Security found. What apps on Android uses instead of the MAC address of the IMEI of your smartphone to generate the password.a
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment