Messaging Apps on Mac at Risk

You may have heard that a critical security flaw has been discovered in the Mac versions of both WhatsApp and Signal, potentially compromising the privacy of millions of users… Not something you generally hear about Apple products and software.
What's the Problem?
The issue lies in how these apps store data on your Mac. Unlike Apple's iMessage, which isolates data to prevent unauthorised access, WhatsApp and Signal leave your chat history and media unencrypted and accessible to other applications.

​

The Risk: Remote Access and Data Theft
This vulnerability opens the door for malicious software to steal your chat history and media in real-time, bypassing the supposed security of end-to-end encryption.
Signal's "Backdoor" Risk
Signal faces an additional threat. The encryption key for your chat history is stored unencrypted, further jeopardising your data. Additionally, a vulnerability allows attackers to create "cloned" sessions, granting unauthorised access to your ongoing conversations.
Who Should Be Worried?
Anyone concerned about the privacy of their communications, especially those in high-risk professions or locations, should be particularly cautious.
What to Do?
Security experts advise unlinking the desktop apps from your phone immediately. This essentially removes their access to your data and renders them unusable. You can do this through the settings menu in your phone's WhatsApp or Signal app.
The Takeaway:
While using the mobile apps is still considered secure, this incident highlights the importance of vigilance. Until the desktop apps are patched, it's best to avoid them altogether.
The Wait for a Fix:
WhatsApp and Signal have not spoken out about the issue or any potential updates… so maybe until then, prioritise the security of your communications by unlinking the desktop apps.

​