WhatsApp private info "leak" video goes viral
This morning a potentially hazardous feature in WhatsApp was the subject of a Tweet and video, both of which went viral. What we're going to do right now is discuss whether the information these bit of media present is an actual hazard for the end user – you. If you're worried about your data being shared with 3rd-party users, there's little to worry about – sort of.
WhatsApp with URLs?
The first bit of this situation shows how WhatsApp "leaks your private info" to websites. The first comment – the first and most popular comment on Reddit says it all. "I want to know is WhatsApp purposefully implemented this method for retrieving websites," said AsaTera. "Regardless...anything Facebook touches ends up leaking data. It's just making Telegram much more appealing."
What's happening in the video is the website in question attaining the IP address of the WhatsApp user trying to see it. So the website owner knows the IP address... of someone potentially coming to their website. This happens because WhatsApp has a webpage preview function that allows sites to seem to load faster for users that click links.
What's being "leaked"?
Inside the codes shown to the webmasters as described in the video above are several bits of information. Included is the IP address of the user posting the URL in the chat, this user's Android version, and this user's WhatsApp app version. The URL typed is also shared – but as it is with each of these other items, all are required to actually access a webpage. That's how the internet currently works.
What's the Solution?
There's no GIANT deal with this situation outside the unlikely event that someone is very well connected with a wide variety of website admins and is actively trying to track you down by your IP address. If you're not being hunted by the electronic mafia, you'll probably be fine as an average citizen. Otherwise something needs to be done.
Turning off the "Instant Preview" feature in WhatsApp would be great – but for now that's not an option. Don't get me wrong, it's a great feature to have – but it should be an option to turn it off.
NOT a major deal
It's not a massive deal that these tiny bits of information are being shared with websites. Each character of the URL typed is fetched by WhatsApp and NOT on behalf of the user. The website can't know what the rest of the message contained – and WhatsApp doesn't know, either.
Outside the URL itself, no part of any other message is shared with any service other than the sender and the receiver of the message. Encryption in WhatsApp remains solid – and there's really no reason to freak out about the nefarious plans you made with your best buddies last week – your secret is safe with the matrix.