WhatsApp is one on the world’s most popular chat platforms, boasting more than 1.5 billion users as of last year. One of the chat app’s main attractions is WhatsApp’s commitment to privacy and security. But it is now known Google is allowing people to find invites to some private WhatsApp groups.
Invitations to WhatsApp group chats are being indexed by Google, meaning the invite links —including links to private group chats — are discoverable and available to anyone who wants to join, Motherboard has revealed.
Links that users wish to share privately with people they know and trust should not be posted on a publicly accessible website
Journalist Jordan Wildon Tweeted how he discovered WhatsApp’s “Invite to Group Link” feature allows the search engine giant to index groups.
In layman’s terms, indexing is the process of adding web pages into Google search.
Motherboard was able to locate private groups using specific Google searches.
READ MORE
-
The WhatsApp warnings that iPhone and Android users should NOT ignore
Once they joined a group — intended for non government organisations accredited by the United Nations — they had access to all of the participants and their phone numbers.
Although WhatsApp group administrators are able to invalidate a link to a chat, Mr Wildon says in such situations, WhatsApp only generates a new link.
Facebook-owned WhatsApp does not necessarily disable the original link to the group chat.
WhatsApp group links come with warnings attached, reminding the person who generates the link only to share it with people they trust.
Facebook / WhatsApp spokesperson Alison Bonny wrote in an email to The Verge how “like all content that is shared in searchable public channels, invite links that are posted publicly on the internet can be found by other WhatsApp users,” before adding “links that users wish to share privately with people they know and trust should not be posted on a publicly accessible website.”
Google’s public liaison for search Danny Sullivan, tweeted: “Search engines like Google and others list pages from the open web.
“That’s what’s happening here. It’s no different than any case where a site allows URLs to be publicly listed.”
Mr Sullivan included a link to directions in Google’s Help Centre for blocking content from being included in search results.
READ MORE
- Valentine’s Day jokes and wishes for WhatsApp: Best messages to send
Jane Manchun Wong, well known for reverse engineering app code to discover features, added in a tweet how this indexing was due to a misconfiguration for WhatsApp.
Ms Wong noted the indexing should have been disallowed with robots.txt or with the `noindex` meta tag.
A WhatsApp spokesperson responded to Vice media group’s request for comment.
They wrote: “Group admins in WhatsApp groups are able to invite any WhatsApp user to join that group by sharing a link that they have generated.
“Like all content that is shared in searchable, public channels, invite links that are posted publicly on the internet can be found by other WhatsApp users.
“Links that users wish to share privately with people they know and trust should not be posted on a publicly accessible website
WhatsApp has experienced other issues concerning security in recent months.
An suspected hack by Saudi Arabia into Amazon head Jeff Bezos’ phone back in 2018 was reportedly carried out via a malware-infected WhatsApp message.
And last May, a vulnerability discovered in the app was being used to inject spyware on Android and iOS phones via WhatsApp phone calls.
Express.co.uk has contacted WhatsApp for a comment.
Source: Read Full Article