WhatsApp for desktop has been made available not so long ago

Jan 26, 2015 12:25 GMT  ·  By

Back in December, we told you about a vulnerability uncovered in WhatsApp’s Android app that lead to the loss of conversations.

Well, the same tech blogger and security researcher who tipped us about the flaw in the popular cross-platform messaging solution comes back to reveal more problems affecting the system, this time in the desktop version.

WhatsApp web suffers from a couple of photo-related bugs

Indrajeet Bhuyan points out that the new version of WhatsApp Web is plagued by a photo privacy bug which allows us to view a user’s profile image even if we are not on the contact list of that person. What’s more, the profile pic can be viewed regardless of the fact that the person has set the profile image privacy to “Contacts only.”

In theory, if the feature has been activated, only the people in the person’s contact list can view the profile picture. Sadly, this is not what happens in some cases. You can see for yourself the vulnerability being demonstrated in the first video embedded bellow.

Another problem Bhuyan encountered is related to web photo syncing. The tech blogger noticed that whenever a user deletes a photo that was sent via the mobile WhatsApp version, the image appears blurred and can’t be viewed.

However, the deleted photo can still be accessed via the web client, revealing the fact that the two services are yet to be synced properly. Check out a demoing of this problem in the second video embedded below.

WhatsApp Web needs some improvements

As WhatsApp Web has barely been introduced, it is to be expected that certain bugs might arise and others could be revealed in the near future.

In the near future, WhatsApp will probably fix the vulnerability and add other features that will make messaging experience secure.

Recently, WhatsApp added end-to-end encryption on Android thanks to a partnership with Open Whisper Systems – an open source project that promotes private and safe communication.