WhatsApp user chats on Android liable to theft due to file system flaw

A newly discovered security flaw in the Android version of WhatsApp allows another application to upload a user’s entire database of chats to a third-party server, without their consent.The error stems from the Android operating system’s handling of external storage, as well as lax security standards in the WhatsApp application itself. As detailed by Bas Bosschert, a dutch security consultant, the flaw allows any Android application with access to the device’s SD card to read and upload WhatsApp’s database.

Screen Shot 2014-03-12 at 9.56.28 AM

read more via theguardian.com