Wednesday, 08 July, 2020


Over 400K private WhatsApp group invite links are exposed to search engines

Over 400K private WhatsApp group invite links are exposed to search engines Over 400K private WhatsApp group invite links are exposed to search engines
Melba Vasquez | 25 February, 2020, 13:22

Following the revelation, the folks at Motherboard did some digging and found a variety of WhatsApp chat groups.

As XDA Developers reports, Google's public search liaison Danny Sullivan has tweeted that this is simply a result of the search engine working as intended, and if WhatsApp did not want these links to be listed, it should use a "noindex" meta tag or "norobots.txt" to stop it happening. Once you do, you can see that Google has indexed up to 470,000 such links, meaning hundreds of thousands of groups could potentially be accessible this way.

The Deutsche Welle journalist Jordan Wildon had reported the issue on Twitter and said that the WhatsApp group invite links have been indexed by Google. Many of these results are invites for private groups. "We do offer tools allowing sites to block content being listed in our results". Group administrators can invalidate the link if so desired.

It appears that Google is indexing at least some of these invites which enables pretty much anyone with Google access to find them.

Jane Manchun Wong, known for reverse-engineering apps, brought more attention to the situation. "It's no different than any case where a site allows URLs to be publicly listed". A spokesperson said in a statement that "invite links that are posted publicly on the internet can be found by other WhatsApp users". "Links that users wish to share privately with people they know and trust should not be posted on a publicly accessible website", Bonny added. People shouldn't be sharing these URLs online, but WhatsApp could solve the problem of them being so easily searchable.

The issue had been pointed out to Facebook's bug bounty program by a researcher a year ago, but the company ruled that it did not warrant a bounty with a statement similar to the one given to Vice.

The reply, apparently from Facebook on November 12, 2019, stated that although the company was surprised that links are indexed by Google, the company "cannot completely control what all search engines, Google, and others, index".

On an FAQ page from earlier this month about how WhatsApp helps fights child exploitation, the company writes "WhatsApp has a zero-tolerance policy around child sexual abuse".

Recommended

loading...
...

Trump advisor asserts seeing no intel of Russia meddling Trump advisor asserts seeing no intel of Russia meddling The Post then reported Friday that Trump and the Sanders campaign were briefed on Russia's efforts to help them. FESSLER: Exactly, which, of course, is what Russia's main goal is - to create confusion with our elections.

SPAL 1-2 Juventus: Cristiano Ronaldo equals two Serie A records SPAL 1-2 Juventus: Cristiano Ronaldo equals two Serie A records Fiorentina also hit the post despite being a man short from the 62nd minute after defender Dalbert tripped Zlatan Ibrahimovic . Ronaldo had an early goal disallowed for offside and Dybala struck the inside of the post before Juventus went ahead.

Kobe Bryant's widow sues helicopter operator for deaths Kobe Bryant's widow sues helicopter operator for deaths Officials said the pilot had been struggling with the same issue of low visibility conditions the day of the recent 2020 crash. He was denied clearance to the airspace because weather conditions had reduced visibility below the visual flight rules.

OnePlus 8 Pro design revealed in a new leaked photos OnePlus 8 Pro design revealed in a new leaked photos That's because the firm is expected to take the wraps off its next smartphone series - the OnePlus 8 - in the coming months. The device will feature a punch-hole front camera in the device's top left corner is confirmed to come with a 90Hz display.

Calls for Australia to 'get involved' in Assange extradition trial Calls for Australia to 'get involved' in Assange extradition trial And he said WikiLeaks' activities created a "grave and imminent risk" to US intelligence sources in Afghanistan and Iraq. Mr Assange is facing extradition to the United States on 18 charges and faces up to 175 years in prison if found guilty.

Free highlights: Liverpool 3-2 West Ham in 90 seconds Free highlights: Liverpool 3-2 West Ham in 90 seconds Liverpool will be without captain Jordan Henderson for their next three games, according to Sky Sports . Liverpool even had time for a fourth goal to be ruled out by that supposed friend of the reds - VAR.

Wells Fargo to pay $3B to settle fake accounts probes Wells Fargo to pay $3B to settle fake accounts probes The bank imposed unrealistic sales goals on employees, who were "intimidated and badgered" to comply, the OCC lawsuit says. They said the settlement also did not include similar conduct that fell outside the 14-year period.

VAR headlined again in Premier League VAR headlined again in Premier League Burnley beat Bournemouth 3-0 to win for the fourth time in five Premier League matches and lift themselves to eighth in the table. Crystal Palace eased any relegation concerns by beating Newcastle 1-0 to move back into midtable.

Amie Harwick Was Strangled Before Being Thrown from Balcony Dr. Amie Harwick Amie Harwick Was Strangled Before Being Thrown from Balcony Dr. Amie Harwick Police stated there was "attainable proof of a wrestle" and indicators of an intruder. Pursehouse was arrested on February 15 and held on $2 million bail, which he posted.

Tesla's Berlin Gigafactory Is Back On Schedule Post Environmental And Regulatory Hiccups Tesla's Berlin Gigafactory Is Back On Schedule Post Environmental And Regulatory Hiccups Yesterday, a court ruled that neighborhood authorities had not avoided laws in permitting Tesla's tree felling job to start. According to Reuters , Tesla has began felling bushes in japanese Germany as phase of the native opposition.

'The Witcher' season 2 adds seven to the cast 'The Witcher' season 2 adds seven to the cast Henry Cavill and fellow stars Anya Chalotra , Freya Allan and Joey Batey are all expected to return to their roles. Hivju will play Nivellen, who in the Witcher books is a man cursed to take on the appearance of a monster .

Buffett says coronavirus doesn't dampen his long-term support for stocks Buffett says coronavirus doesn't dampen his long-term support for stocks The 2019 figures included Q4's $4.4 billion of operating earnings, which was a bit lower than the $5.7 billion earning during the prior year period.

Sydney Roosters overcome battling St Helens to retain World Club Challenge title Sydney Roosters overcome battling St Helens to retain World Club Challenge title Lois Forsell believes Jonny Lomax can pull the strings in St Helens' Betfred World Club Challenge clash against Sydney Roosters. The Saints boss commented: "Everyone has commented on the atmosphere and how tough a game it was".

Mooney, Gibbs lead Notre Dame to 87-71 win over Miami Mooney, Gibbs lead Notre Dame to 87-71 win over Miami Gibbs was on fire from three and converted on all four of his attempts, catapulting the Notre Dame offense with 14 points at half. The previous season in South Bend found Miami closing strong as a small road "dog to beat Notre Dame 77-74 on its home floor".

Microsoft releases Threat Protection with support for iOS and Android Microsoft releases Threat Protection with support for iOS and Android The Redmond giant has announced that it will bring its Defender Advanced Threat Protection (ATP) to the mobile operating systems. Microsoft might release the Defender app for Android and iOS at the RSA Conference in San Fransisco next week.