Skip to main content

Whatsapp Code Hints At New Voice Feature, No Signs Of End-To-End Encryption Yet

Whatsapp has two versions of its Android app, one of which is distributed through the Play Store, while the other is released on its website. The latter is typically the one that gets all the new features.

The latest version, released a few days ago, has been found to have a feature that monitors how much data the user has been using for calls. This points to a voice feature that Whatsapp users everywhere will soon be able to use. The app currently doesn't allow voice calling, and the company hasn't officially announced the new feature, but an announcement is likely forthcoming.

Recently, Whatsapp enabled end-to-end encryption for its Android app, promising that the same kind of encryption will soon be available for group chats and also for the iOS version of the app. The company collaborated with Moxie Marlinspike (a pseudonym), the founder of Open WhisperSystems, to bring TextSecure's end-to-end protocol over to Whatsa

pp.

This move made Whatsapp's chats much more secure and private than before, when the company was only using HTTPS channel encryption. HTTPS encryption can be more easily thwarted by states' governments through man-in-the-middle attacks, and then they can see what their citizens discuss on the Whatsapp platform. In countries where it has servers, Whatsapp can also be served with orders (whether from a court or the government itself, depending on the country's laws) to reveal communications between users.

End-to-end encryption is meant to stop that by encrypting the messages locally, with keys owned only by the users who are chatting with each other. More and more chat applications seem to be implementing this sort of feature in their apps lately as a response to governments' mass surveillance abuses (although the level of security for each app's "end-to-end encryption" will vary). However, some of the most popular applications of this type, such as Google's Hangouts and Microsoft's Skype, remain without it. 

TextSecure's protocol also has a feature called "forward secrecy" that ensures previous messages are encrypted with different keys. If one of the keys is stolen, then only some of the messages using that key can be decrypted.

The Open WhisperSystems group offers an open source voice app alongside the TextSecure chat app and also uses end-to-end encryption. The app works on Android and iOS, although it's named differently on each platform (RedPhone and Signal, respectively).

Signal Private Messenger - iOS

There's nothing showing whether the new voice feature from Whatsapp will use the end-to-end encryption or not. However, if Whatsapp wants to preserve the same level of privacy and security for both its chat and voice systems, then it could easily collaborate with Open WhisperSystems again to enable RedPhone's end-to-end encryption, as well.

We've reached out to Whatsapp for further comment and will update the story accordingly.

Follow us @tomshardware, on Facebook and on Google+.

Lucian Armasu
Lucian Armasu is a Contributing Writer for Tom's Hardware US. He covers software news and the issues surrounding privacy and security.
  • thundervore
    And since Facebook owns whatsapp they will now collect information on the numbers your calls and try to suggest them as a friend on the website if that person added their phone number to their profile
    Reply