Saturday, July 20, 2024
No menu items!
HomeData Engineering and Data WarehousingEnhancing the security of WhatsApp calls

Enhancing the security of WhatsApp calls

New optional features in WhatsApp have helped make calling on WhatsApp more secure.
“Silence Unknown Callers” is a new setting on WhatsApp that not only quiets annoying calls but also blocks sophisticated cyber attacks.
“Protect IP Address in Calls” is a new setting on WhatsApp that helps hide your location from other parties on the call.

Privacy and security are at the core of WhatsApp. In addition to protecting personal messages with end-to-end encryption, WhatsApp empowers users to control their own privacy settings: from what you share, how you show up online, or who can reach out to you or add you to groups.

In June 2023, WhatsApp announced an additional privacy feature: Silence Unknown Callers. We launched  this feature for the benefits it has for not only privacy but also security. The experience is simple: with the setting turned on, calls from unknown numbers do not ring your phone. Having carefully built this feature to minimize attack surface and external data processing, we are able to help protect users from not only unwanted contact, but also cyber attacks and spyware.

Then in October 2023, WhatsApp began rolling out “Protect IP Address in Calls” which hides your IP from the other party by relaying calls through WhatsApp Servers. 

Stop cyber attacks and hackers with “Silence Unknown Callers”

Across the software industry, calling products are an attractive vector for cyber attacks. Popular software projects in this space, such as WebRTC and PJSIP, have documented numerous vulnerabilities. Because of the complexity and large number of protocols involved, attackers have many opportunities to find a bug to exploit. Furthermore, calling software often automatically processes incoming packets from callers to optimize call setup and improve performance. This means calling vulnerabilities can often lead to “zero-click” attacks; the victim may not need to even accept the call for the attack to succeed.

In most calling products, devices exchange information and setup state without user interaction.

Many calling products offer ways to silence calls. However, traditional methods of silencing retain the same network protocols and message flow of a normal call which merely silences the call on the recipient’s device. This leaves many risks for call recipients unmitigated.

The recipient’s device may still perform complicated processing of attacker-controlled data
This gives an attacker ways to load data into the recipient’s memory 
The recipient may leak device information back to the attacker to increase exploit delivery reliability

One could attempt to mitigate these risks by adding state machines, firewalls, and sandboxes on the recipient. However, there are many examples in the industry of these techniques failing to protect users.

Instead, WhatsApp built a specialized protocol for delivering stripped-down, silenced call notifications to recipients. The server enforces this protocol, protecting the recipient device from the complexity of normal call setup and from processing attacker-controlled data.

Our implementation of silenced calls, with WhatsApp servers enforcing separation.

This approach took more effort than a client-only method. How can the server know if the call should be silenced without asking the recipient? In end-to-end encrypted messengers like WhatsApp, clients are the source of truth. We don’t keep logs of who everyone is messaging or calling: While traditionally mobile carriers and operators store this information, we believe that keeping these records for two billion users would be both a privacy and security risk and we don’t do it. 

WhatsApp developed a new technology, named privacy tokens, to solve this problem. Each client locally decides which other user it trusts and distributes tokens to them. When a call is placed, the caller includes the privacy token of the recipient in the protocol message. Next, the server checks the token’s validity along with a few other factors to determine if the intended recipient allows this sender to ring them. Crucially, for our user’s privacy, the server does not learn anything about the exact relationship between the caller and the recipient from the token.

With our design of this feature, calling becomes a much less attractive vector for attackers.

Protect your IP address metadata in calls

Two common methods of connecting call participants: peer-to-peer and via a relay.

Most calling products people use today have peer-to-peer connections between participants. This direct connection allows for faster data transfers and better call quality, but it also means that participants need to know each other’s IP addresses so that call data packets can be delivered to the correct device – meaning that the IP addresses are visible to both callers on a 1:1 call. IP addresses may contain information that some of our most privacy-conscious users are mindful of, such as broad geographical location or internet provider.

To address this concern, we introduced a new feature on WhatsApp that allows you to protect your IP address during calls. With this feature enabled, all your calls will be relayed through WhatsApp’s servers, ensuring that other parties in the call cannot see your IP address and subsequently deduce your general geographical location. This new feature provides an additional layer of privacy and security particularly geared towards our most privacy-conscious users. As always, your calls are end-to-end encrypted, so even if a call is relayed through WhatsApp servers, WhatsApp cannot listen to your calls.

Visit the WhatsApp Help Center learn more about this feature – which is being rolled out currently to iOS and Android users – and how to activate it.

Conclusion

WhatsApp built and launched “Silence Unknown Callers” and “Protect IP Address in Calls” this year as part of our ongoing comprehensive work to keep users safe. These features respect and improve user privacy while also reducing the effectiveness of real-world attacks.

Protecting user privacy and security is absolutely necessary for WhatsApp to accomplish its mission to enable private communication for the world. These new security features combine with many other protections to keep people safe on WhatsApp.

The post Enhancing the security of WhatsApp calls appeared first on Engineering at Meta.

Read MoreEngineering at Meta

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments