A software engineer named Robert Heaton has discovered a WhatsApp vulnerability that could allow a person to spy on another’s WhatsApp activity. While the exploit can’t be used to see the content of the messages, it could be used to identify when people are likely to be messaging each other, and when WhatsApp users are asleep.
What’s potentially even more worrying is that the vulnerability isn’t unique to WhatsApp, either: someone has previously done basically the same thing with Facebook.
While knowing that two people are communicating without knowing what’s being said may sound unalarming — tantamount to watching a couple talking over coffee through a sheet of glass, perhaps — there are some troubling implications. What if, for example, a person suspects that their partner is cheating on them with someone who they frequently message? What if they want to know when that person is usually in bed asleep, too?
Of course, I’m not suggesting that this nightmare scenario is destined to happen, and the seriousness of the situation is up for debate; theoretically, you could just sit on WhatsApp watching for when two people come online to start making some guesses without prolonged activity monitoring.
Regardless, Heaton has highlighted another way in WhatsApp’s billions of users offer up personal information simply by using the product — and how they’re doing so when WhatsApp could seemingly just allows users to turn off the Online status symbol to instantly quash it.