Why you will never get WhatsApp’s new “awesome” update on your iPhone
So this is yet another unpleasant surprise for millions of iPhone users. It looks like WhatsApp has solved the most alarming security issue plaguing its 2 billion users. But not for you, this absolutely essential new patch is only Android. Your serious problem will not go away.
The problem is account hijacking that continues to plague users around the world. The fact that this has yet to be addressed is surprising, given the scale of the problem and the publicity it has generated. But ultimately, it seems there is some relief. At least for Android users.
Some of these account hijackings are stupidly simple– trick users into WhatsApp transfer six-digit SMS verification codes which are then used by attackers to transfer your WhatsApp to their own phones. They then send a message to your contacts, masquerading as you, usually asking for money. Other attacks are more complex, such as the “account suspension hackingâWe warned you in April, where anyone can block your WhatsApp account by repeatedly entering incorrect codes against your number.
The first of these issues can be avoided by setting up 2FA in WhatsApp – Settings / Account / Two-Step Verification. This is different from the code that WhatsApp sends by SMS, and it prevents any scammer from stealing your account. The second can only be avoided until / until WhatsApp stops automating account suspensions without verifying that the request is from an account holder.
What’s always been most annoying about this problem is that it looks so ridiculous. There is a phone number associated with your WhatsApp account, an SMS is sent to this number to verify a new installation, but the app cannot verify that the phone it is installed on is the one associated with that same number. Report hijackings.
There are clearly some privacy issues with WhatsApp extracting the device’s credentials, except that it does a lot of it anyway. This isn’t Signal we’re talking about. But even the suspension attack is so basic it’s laughable. It wouldn’t be difficult to find ways to prevent what is essentially a brute force attack on your account from a third-party device in a different location.
Either way, WhatsApp solved the problem, in a way. In a new beta blogger leak WABetaInfo, we were introduced to the concept of “flash calls”. A bit of a clunky workaround that links phone to SMS to WhatsApp account. But, clumsy or not, that should stop these dreaded account hijackings in their tracks.
Essentially, when you verify your account on your phone, WhatsApp calls the number. This is a flash call, literally you can’t answer it. But it drops one of the numbers from WhatsApp’s number bank into your recent calls list. WhatsApp then checks that this phone number and the phone number that sent the one-time SMS code are the same. “This phone number is always different, so there is no way to go wrong with this method.”
Although WABetaInfo is a blogger, it has become the de facto source of upcoming updates for WhatsApp watchers around the world, especially now that it has been legitimized by WhatsApp chief Will Cathcart and boss Mark Zuckerberg. making public a discussion with WABetaInfo on new features.
The reason you won’t see it on your iPhone is because Apple doesn’t provide an API in the recent calls list. What happens on an iPhone stays on an iPhone, and all that. You would think there would be another way to fix the problem, but apparently not. Hey, WhatsApp, here’s an idea: make 2FA mandatory. There you have it, problem solved.
In the meantime, the timing of this fortuitous question is interesting. We’ve all watched Mark Zuckerberg trade punches in the media about Apple’s crackdown on data collection and user tracking, both of which are somewhat essential to Facebook’s business model.
WhatsApp has acknowledged that it’s used a lot more on Android than iPhone, partly because there are a lot more Android devices, and partly because iMessage is used a lot more in the United States, where iPhones enjoy a larger market share.
“I am using an Android” Cathcart said in March, “Because if you look at the WhatsApp user base, we are very Android hungry … I have been using iPhones for many years, but I really want to use the product as most people use it,” so i am using an android. “
Well luckily for Cathcart this reported fix will work on his phone.
Meanwhile, Apple announced a series of improvements to iMessage for iOS 15 expected in the fall. Facebook is already angered by iMessage’s dominance over entire swathes of the iPhone population and the fact that there is no way to change the device’s default messenger, which will only do so. aggravate this frustration.
iMessage is becoming more and more integrated into the fabric of iOS, the mechanism for sharing much more than photos and emojis, now you can share news, entertainment, websites and more, all of which will have placeholders. specials on iPhone with iOS 15.
“I would like to stress that we increasingly see Apple as one of our biggest competitors”, Mark Zuckerberg said earlier this year. “iMessage is a key part of their ecosystem, which is why iMessage is the most widely used messaging service in the United States,” accusing Apple of “using its dominant position on the platform to interfere with the functioning of our applications “.
Well, now all these iPhone users need to enable 2FA to keep WhatsApp safe. It looks like WhatsApp is about to become even more Android-focused than it already is. All of this raises an interesting question: This is one of Facebook’s responses to Apple’s crackdown on differentiating the functionality of iOS versus Android. As unlikely as it sounds, it would be an interesting twist if it did.