WhatsApp is one of the most popular IM applications around and like every piece of software, it isn’t free from bugs and issues. And while the developer is working hard to fix whatever is broken, we’re seeing new flaws popup. The latest one takes a hit at the service’s privacy as hackers can easily track movements of people on the IM app.
WhatsApp has some pretty robust privacy settings as it allows you to choose who can see the information you share. Basically, you can choose whether you want everyone, only contacts or nobody to access details like your last seen, profile photo and status updates. And even if you set them to the highest level, there’s still a way hackers can keep track of what you do on the service.
Now, they won’t be able to read your messages, but your basic privacy which we mentioned above will be entirely compromised. A student from Dutch University, Maikel Zweerink, has designed a web tool he calls WhatsSpy Public which basically leverages a flaw in the service’s privacy settings.
Maikel explains in a blog post that he can track anyone’s moves on WhatsApp through this tool even if you set all of the privacy options to ‘nobody.’ What’s more, the web app is made available as an opensource project on Gitlab which means anyone can grab a copy and fiddle with it. However, you’d need to have good knowledge on IT and your own personal server to get things working.
Even so, the thought of someone being able to stalk your profile is scary and hopefully WhatsApp will do something to improve its security and also patch the privacy flaw. If you’re not convinced by Maikel’s web tool, he’s willing to give you a live demonstration as long as you’re willing to play guinea pig.