Innovation
Can WhatsApp Be Hacked? Here’s the Truth.
WhatsApp is a Facebook created cross-platform messaging and voice app that makes it easy to communicate with other people around the world—such as family. Like any other social media app, it allows you to network with a simple internet connection and phone service plan.
As WhatsApp continues to grow, speculation has arisen that the platform is prone to hacking. To answer the big question, can WhatsApp be hacked? The answer is Yes and No. Let’s start with the Yes.
The “Yes” Answer.
WhatsApp communication data could be accessed through a backdoor intrusion on the device (your phone or computer). Backdooring is a stealth tactic used by malicious actors like hackers to bypass the standard authentication or encryption in the computer systems, hardware, or electronics. Backdoor tools are generally embedded into a target device or software application without the owner’s or user’s knowledge.
In most cases, engineering tricks like sophisticated deception, persuasion, and other psychological manipulation tricks are used to influence the target into installing back doors onto their own devices without knowing the danger. Back doors give malicious actors administrative control over the target computing devices and use remote access Trojan (RAT) to control them.
Most backdoors come in the form of free mobile apps and Desktop software that we install on our smartphones and computers. We love to download free software, and yet these could be used as tools to spy on us, steal our confidential data, or even make you an accomplice in a crime you didn’t commit.
Once installed on the device, back doors try to get “root access” to your device (especially on android phones) by targeting multiple vulnerabilities that they exploit to control the entire system, thereby allowing a remote attacker or any malicious actor to control your device or phone fully.
If a vulnerability-based attack is not successful, the backdoor could try to trick you into granting it root access by displaying a message that probably looks like “Urgent System Update required, Click Update.” By clicking Update, you will be granting a backdoor program system-wide privileges on your device, which essentially gives a remote attacker complete control over your phone to be able to read all your WhatsApp conversations.
Israeli cyber arms firm NSO Group developed a Spyware program called “Pegasus.” This malware tool has scary potential to carry out key-logging (Capturing Keyboard typing), collect passwords, trace the location of the phone, take screenshots on the device screen, control device’s camera and microphone, sniff conversations like stealing your messages and call records from instant messaging apps (WhatsApp, Facebook, Twitter, Skype, and Gmail).
To prevent backdoors from accessing your device or network, you’ll have to do the following:
- Install reliable antivirus software from recognized and industry-leading vendors. Most people feel like it’s not necessary to have antivirus on their phones, yet it is significant for their devices’ security. AVG, McAfee & Kaspersky Mobile Antivirus are some of the most reputable services that are recommended for use.
- As mentioned, most Backdoors get installed on your device after being persuaded or social-engineered; you always need to be careful with what you download from the internet. Avoid clicking on every link you find on the internet. Such links have persuasive wording like; “click here to claim your prize, download this free internet app, this app will turn your phone into absolute magic.” Such persuasive wordings are intended to manipulate your minds psychologically and compromise your personal conviction and judgment on what you need and don’t need on the internet.
- Some Backdoors work through port binding. At the software level, a port is a logical construct that identifies a specific process or network service type. Ports are identified for each protocol and address combination by 16-bit unsigned numbers, commonly known as port numbers. It is through ports that various services are run.
When a server program is initially started, it binds to a designated port number. Some of the protocols that use port numbers include the Transmission Control Protocols, TCP (used for inter-communication of devices on the internet, intranet, or extranet).
The TCP/IP is popularly known as an Internet Protocol Suite; a group of different protocols like File Transfer Protocol (FTP), Secure Shell (SSH), Telnet, Simple Mail Transfer Protocol (SMTP), Domain Name System (DNS), Hypertext Transfer Protocol (HTTP), Simple Network Management Block (SNMB) and many others.
Many of these protocols run on various assigned ports, some of which are vulnerable to backdooring attacks through Remote Access Execution. For instance, File Transfer Protocol (FTP) runs on Ports 20 or 21. And when these ports are open or instead of listening, attackers or hackers can carry out anonymous authentication attacks on FTP Servers, Web Servers, or SQL Servers, thereby granting them access to sensitive data.
Furthermore, Port 23 (on which Telnet runs) is vulnerable to remote access attacks. Telnet sends data completely unmasked in clear text, allowing attackers to listen in, watch for credentials, inject commands via man-in-the-middle attacks, and ultimately perform Remote Code Executions. Different TCP and UDP ports, once open and listening, can make your devices and network vulnerable to remote access attacks.
For IT Pros, you can check for listening ports and see the services running on them through using a CMD command “netstat -ab.” Not only that, but you can also close some of these ports, especially when the services running on them are not crucial for you or your machine. For instance, you can close the Telnet port since you probably don’t need it to prevent attack incidents on your device.
- Use a firewall, especially for organization computers and networks. A firewall is a system of hardware, software, or a combination of both, that’s used to monitor and control incoming and outgoing network traffic. A firewall establishes a barrier to outsiders illegally intruding into the organization’s network or computers. Network layer firewalls can be used to implement packet filters where set rules are established, and this prevents uncalled-for packets from the outside from entering.
- Always ensure that your device or computer receives routine updates from your software and operating systems’ makers. Android users, especially on mobile, need to make updates from Google on a frequent basis. Windows Users must ensure that their operating system is up to date through automatic update settings embedded into your device OS. For those who use Apple devices, you must ensure that you are running an iOS, not below version 9.3.5. Apple Devices running below 9.3.5 versions are more likely to be easy targets of Backdooring through tools like Pegasus.
The “No” Answer.
WhatsApp can’t be hacked during the communication between the sender and receiver because it uses end-to-end encryption (E2EE). Some messaging apps only encrypt messages between you and them, but WhatsApp’s end-to-end encryption ensures that only you and the person you’re communicating with can read what is sent. Nobody in between, not even WhatsApp, has access to your communication.
Received messages are secured with a lock, and only the recipient and the sender have the unique key needed to unlock and read them. For added protection, every message you send has its own exclusive lock and key. All of this happens automatically: no need to turn on settings or set up private secret chats to secure your messages.
WhatsApp uses the “Signal Protocol” developed by Open Whisper Systems to implement the end-to-end encryption which works as explained:
- When the user first opens WhatsApp, two different keys (public & private) are generated. The encryption process takes place on the phone itself.
- The private key remains with the user, whereas the public key is transferred to the receiver via the centralized WhatsApp server.
- The public key encrypts the sender’s message on the phone before it reaches the centralized server.
- The server is only used to transmit the encrypted message. Only the private key of the receiver can unlock the message. No third party, including WhatsApp itself, can intercept and read the messages.
- If hackers try to hack and read the messages, they will fail due to the hardened encryption. This means hackers can’t position themselves between the sender and the receiver to carry out some kind of Man-in-the-Middle attack (MiTM).
To make it even harder, WhatsApp’s end-to-end encryption Architecture is based on AES Security Standards under which 256-bit encryption is recommended. In fact, the AES encryption standard is now used worldwide, making it the most reliable encryption technique available today.
Therefore, it is essential to note that WhatsApp communications can’t be intercepted during the transit stage due to the hardcore encryption used right from the sender up to the Receiver. However, embedding back doors into the target device could lead to remote access of WhatsApp data on your phones. Enhancing operating systems security, especially in Android OS, should be something developers at google must greatly focus on. Your personal device security and safety shouldn’t be overlooked, so you need to keep your eyes open all the time!
Innovation
An Overview of Amazon’s Latest Astro Robot
Earlier in October, Amazon announced their long-awaited Astro Robot that can be used for various purposes in homes. This robot can autonomously drive around your room thanks to its precise cameras and obstacle detection sensors. It is practically a home assistant that can help with a couple of simple tasks such as recognizing people and alerting you if someone new is in the house, handling video calls, and even alerting you when someone calls or if you have a reminder.
During the announcement of this robot, Dave Limp, head of Amazon’s devices and services, said they want their customers to use this robot for multiple tasks more than being an Alexa on wheels.
We have seen several versions of this concept, including Tesla’s humanoid robot that they released about two months ago. However, is Amazon’s Astro Robot really different from all the versions made by other companies? Let’s take a look at some of its key features.
Features of the Amazon Astro Robot:
- Intelligent motion: This robot has built-in sensors that enable it to drive around your home without colliding with objects. So, you can always have it wherever you need it within the house.
- Remote operation: The Astro Robot is connected to the internet, so you can control it while you are away from home. This handy security feature enables you to monitor your entire house while you are away.
- Built-in Alexa: It comes with all the Alexa capabilities. So, you can use it to set reminders, manage shopping lists, receive activity alerts, and many more.
- 10.1″ HD touchscreen display (1280×800): This can be used to make entries and consume content, such as watching TV shows, showing your music playing lists, shopping lists, and many more.
- 2 Cameras: It has a 5MP bezel camera and 1080P ultrawide periscope camera with a 1320 field of view. This camera can rise on a built-in arm up to 42″ from the ground for more effective home monitoring. The cameras also have built-in face recognition capabilities that can help users identify news faces in the house.
- It uses rechargeable Lithium batteries: These batteries support fast charging (full charge in 45 minutes) when using the charger included in the box.
- Connectivity: It supports WiFi and Bluetooth to communicate with other local devices and connect to the internet.
- Processors: This robot comes with a couple of processing chips, including a2x Qualcomm QCS605, 1x Qualcomm SDA660, and 1x processor with Amazon AZ1 Neural Edge.
Amazon’s Astro Robot will be available for purchase for $999 in up to 50 states in the US. However, getting this robot involves a few extra steps. You will have to request an invitation to buy it and answer a couple of questions in their survey form. Amazon will then send you feedback informing you whether your invite was accepted.
Innovation
Varda Space Startup Plans to Develop Factories in Orbit
Varda Space Industries has now raised $53 million in funding. This new startup in the space industry was founded by Will Bruey and Delian Asparouhov, a pair who have worked at SpaceX and Founders Fund for over a decade.
Like SpaceX, Varda’s mission is ambitious; they want to be the first company to build factories in space. In an interview with CNBC, Will Bruey, the CEO of Varda, stated: “The Varda mission is to build the first space factory – essentially the first industrial park on orbit.” Varda is aiming at having its first mission in the first quarter of 2023.
They raised over $42 million in a round of funding that involved investors like Khosla Ventures, Caffeinated Capital, Lux Capital, General Catalyst, and Founders Fund. Before this round, they had initially raised $11 million in seed capital, which brings their total capital to over $53 million within less than a year after founding the company.
Varda has so far assembled a team of 16 people, most of them coming from SpaceX and several other companies in the space industry. They aim to build a team of at least 40 people before the first launch.
So, what exactly will Varda be manufacturing in space? According to their CEO Bruey, Varda will look to tap markets for products such as semiconductors, fiber optic cables, or pharmaceuticals – “extremely large” marketplaces here on the ground, Asparouhov said. He also noted: “Varda can exist because we don’t have to build the entire” technology system “ourselves,”
They may not be the first company to take goods to and from space stations, but they want to become the first to manufacture products right from space.
Asparouhov, the co-founder of Varda, noted that they would judge themselves based on their frequency of reentry because their goal is to bring value back on earth.
Varda is currently working on a three-piece spacecraft to kick off their journey. It consists of a commercially available spacecraft platform, the manufacturing module, and a heat shield-protected capsule to reenter the atmosphere and land under parachutes. Their first goal is to bring back products of at least 100 kg of material on earth.
Regarding regulation, Varda is still in the preliminary design review level and in the final stages of being authorized by the regulators and other stakeholders. Many are wondering if Varda will beat the deadline for their first mission scheduled for Q1 2023.
Innovation
How Dubai Is Artificially Creating Rainstorms
The United Arab Emirates (UAE) is one of the hottest regions globally, with an average annual temperature of about 95 Fahrenheit. Unlike some parts of the UAE, temperatures in Dubai regularly surpass the 115 Fahrenheit mark.
Dubai currently receives only 4 inches of rain throughout the year, way below the world average (39 inches). Because of the lackluster rain and hot temperatures, Dubai imports over 80% of its food since no meaningful agriculture can be done.
But, the UAE government has now invested over $15 million into using artificial methods to induce rainstorms in Dubai to deal with the hot temperatures.
In the last few weeks, there was a breakthrough in their efforts when meteorological officials released a video of rain over Ras al Khaimah and several other regions in the UAE. Scientists made this possible by using electrical charges from drones that manipulate the cloud and force them to release raindrops.
This feat brings hope to many other regions worldwide that are facing the challenge of water scarcity and extremely high temperatures. One of the significant caveats in this research was that some tiny raindrops would evaporate due to hot temperatures even before they reached the ground. To overcome this, scientists had to ensure the electricity the drones hit the clouds with is enough to create larger raindrops.
In his words, the Ambassador of the United Arab Emirates to the U.K. said:
“It’s moving to think that the rainfall technology I saw today, which is still being developed, may someday support countries in water-scarce environments like the UAE.”
Even though cloud seeding technology is fascinating, there are still concerns about its short and long-term side effects. Some of the unfortunate incidents that happened in the past due to such technology include one when Russia mistakenly dropped a non-powderized block of cement on some homes.
Heavy flooding is another catastrophic side effect that scientists have identified that we could face due to this kind of technology.
Eight western states are already using the technology of inducing rain from the clouds in the USA, following Dubai’s footsteps. However, the challenge with this cloud seeding over the years has been determining its effectiveness in the short- and long term. This technology is in its infant stages and still has the potential if it turns out to be cost-effective and viable.
-
World4 years ago
Artificial Intelligence in the Modern World
-
Spzrts4 years ago
What’s the Hype Around FlightReacts?
-
Genfluencer4 years ago
How StevoLuddy Uses TikTok to Further Pursue His Passion
-
Genfluencer4 years ago
How Rowan Winch Makes Thousands From His Phone
-
Digital Culture4 years ago
The Effects of Social Media on the iGen (Generation Z)
-
Business3 years ago
5 Tips for Starting a Limited Liability Company
-
Digital Culture4 years ago
How to Navigate TikTok with Adam Meskouri
-
Digital Culture4 years ago
Why YouTuber Niko Omilana Is Running For Mayor