| ▲ | ale42 8 hours ago | ||||||||||||||||||||||
A bit disappointing, I thought everybody knew it was possible to "enumerate" Whatsapp accounts? I was hoping for something more juicy like RCE... | |||||||||||||||||||||||
| ▲ | 0cf8612b2e1e 6 hours ago | parent | next [-] | ||||||||||||||||||||||
The lack of rate limiting was surprising. | |||||||||||||||||||||||
| ▲ | ruinin 8 hours ago | parent | prev [-] | ||||||||||||||||||||||
The most interesting vulnerability is the reuse of cryptographic keys, some of it apparently by design, like when transferring one's account to a new number - this can apparently be used to correlate identities despite the change of phone number. Also, from examining the published data set I found it interesting that there are only five WhatsApp users registered in North Korea. I wonder who they are. | |||||||||||||||||||||||
| |||||||||||||||||||||||