He and his team reportedly took advantage of an Android flaw to read encrypted chats.

John McAfee is already many things -- entrepreneur, presidential hopeful, alleged criminal. However, you might have to add one more item to that list: the co-discoverer of a potentially major Android security flaw. He and a team in Colorado claim to have found a hole in Google's mobile platform that lets them read encrypted WhatsApp messages (and those from other services, for that matter), rendering its privacy safeguards pointless. McAfee is saying precious little about how the intrusion works, but he gave Cybersecurity Ventures enough details to suggest that the story might hold up.

LIFARS, which conducted forensics, notes that the trick didn't involve getting root access to the phone, and that there were hints of both keyboard recording and spyware vulnerabilities. This could target an everyday Android phone, then, not just one that's already compromised.

McAfee says he's sharing the flaw after talking to Google. We've asked Google itself if it can shed more light on the claims and outline its plans for a fix (assuming one is needed). If his team really did find a way around encryption, though, this could represent a serious problem. Simply speaking, you couldn't guarantee that a chat was private unless you knew that everyone was running a safe operating system.

Source:
courtesy of ENGADGET

by Jon Fingas

If you have any stories or news that you would like to share with the global online community, please feel free to share it with us by contacting us directly at [email protected]