After waiting for the acclaimed WhatsApp encryption, we see that it is finally useless. Both WhatsApp encryption and that of similar apps seem to not serve to prevent our conversations from being spied on by a third party.
Positive Technologies has demonstrated how it is possible to use the SS7 protocol to intercept conversations from instant messaging apps. The security flaws in this seem to come from years ago so it's not really a novelty.
Researchers have managed to intercept conversations in messaging apps such as Facebook Messenger, Viber, Telegram or WhatsApp using the mobile network. Even SMS can be spied on and this is precisely where the error comes from. These have shown that it is possible to impersonate any user in a conversation by reading their text messages, which serve as verification for these apps.
This comes to tell us that espionage agencies no longer need to violate the encryption that incorporate apps like WhatsApp or Telegram, but rather can use the infrastructures of the operators.
This way it is not necessary to break the encryption of instant messaging apps. All you have to do is pretend to be them to send and receive messages.
Until this problem is resolved by all operators the insecurity we have in apps is quite significant. Let's remember that the SS7 protocol is more than 40 years old and problems have rarely been solved with updates. Therefore, at the moment we are connected to a mobile network vulnerable in all senses.
