http://vyrec.com/versi-terbaru-whatsapp-menjanjikan-lebih-selamat/

Versi terbaru WhatsApp(Android) kini dilengkapi dengan sistem enksripsi yang kuat, yang mana sistem tersebut akan berfungsi secara automatik setelah anda mengemaskini WhatsApp anda kepada versi terbaru. Versi terbaru itu dikatakan akan menjanjikan mesej-mesej anda lebih selamat.Menurut apa yang dilaporkan, enkripsi yang dipanggil End-to-end ini lebih kuat daripada enkripsi yang ditawarkan oleh Google, Microsoft, dan Apple.End-to-end bermakna, WhatsApp sendiri tidak akan boleh mendekripsi semula mesej, walaupun syarikat itu dipaksa oleh penguatkuasa undang-undang.Sistem enkripsi tersebut berfungsi dengan hanya menyediakan satu kunci kepada setiap perbualan diantara dua orang, dan hanya dua orang itu sahaja boleh mengakses kunci tersebut. Secara mudahnya, perbualan anda ibarat satu rumah, dan cuma anda dan rakan anda sahaja yang mempunyai kunci kepada rumah berkenaan. Jika anda berbual dengan ayah anda? Rumah & kunci yang lain akan disediakan oleh aplikasi WhatsApp.Beberapa lagi aplikasi lain yang menggunakan konsep enkripsi yang sama; contohnya Cryptocat, Silent Text dan Telgram. Tetapi WhatsApp akan menjadi aplikasi terbesar yang mengamalkan sistem deskripsi tersebut memandangkan kini WhatsApp mempunyai lebih 600 juta pengguna diseulurh dunia.

http://liputanhp.com/fitur-end-to-end-pada-aplikasi-whatsapp.htmlFacebook sebagai pemilik WhatsApp memberikan fitur enkripsi end to end pada aplikasi WhatsApp. Fitur ini di klaim memiliki tahap keselamatan yang tinggi, bahkan bisa dikatakan sejajar dengan tingkat keamanan yang dimiliki oleh Apple, Microsoft dan Google. Fitur enkripsi yang digunakan di WhatsApp memang bukan hal yang baru pada aplikasi chatting, akan tetapi hanya WhatsApp yang memiliki pengguna lebih dari 600 juta orang.Fitur sejenis ini bisa didapatkan pada aplikasi seperti iMessage, Silent Text, Cryprocat dan aplikasi lainnya. Dengan menggunakan fitur enkripsi end to end, pesan yang dikirimkan hanya bisa dibaca oleh penerima, bahkan pesan-pesan tersebut tidak akan bisa dilihat oleh pihak WhatsApp dan pihak lain, dalam hal ini badan penegak hukum sekalipun. Pesan tersebut akan hancur secara otomatis tanpa melalui server WhatsApp.Perbandingan sistem standard dengan sistem enkripsi end to end.WhatsApp bekerjasama dengan Open Whisper System untuk mengembangkan fitur ini. Fitur enkripsi ini baru boleh dinikmati oleh para pengguna Android, pada masa akan datang digunapakai kepada platform lain pula.Diharapkan fitur enkripsi ini tidak mengalami permasalahan seperti yang di alami oleh Apple pada aplikasi iMessage. Beberapa waktu yang lalu, Apple mendapatkan surat teguran oleh pemerintah AS dan FBI. Pemerintah AS beralasan kalau fitur iMessage tidak dapat diakses oleh Agen intelejen (NSA), hal ini akan mempersulit badan hukum untuk mengungkap sebuah kasus kejahatan.

amis, 20 November 2014 | 21:08http://www.beritasatu.com/digital-life/226735-whatsapp-terapkan-sistem-enkripsi-pengiriman-pesan.htmlWhatsApp Terapkan Sistem Enkripsi Pengiriman Pesan

Aplikasi chatting WhatsApp. (sumber: WhatsApp)Sebagai layanan pengiriman pesan yang paling banyak digunakan di dunia, WhatsApp telah mulai mengenkripsi pesan yang dikirimkan oleh penggunanya, dengan tujuan untuk melindungi dari sergapan para hacker.Informasi tentang sistem enkripsi ini diungkapkan oleh pihak Open Whisper System, sebuah perusahaan yang bergerak dalam bidang pengembangan perangkat lunak yang terkait dengan teknologi enkripsi.Pihak Open Whisper System sendiri mengklaim, dengan penerapan sistem baru ini, pesan yang dipertukarkan diantara pengguna, nantinya akan dienkripsi secara default oleh sistem, sehingga hanya pengirim dan penerima yang dapat membacanya. Hal itu, dapat mencegah para hacker untuk memperoleh informasi dengan cara mencegat komunikasi yang dilakukan para pengguna aplikasi WhatsApp.Dalam sebuah pernyataan, pihak Open Whisper Systems mengumumkan bahwa aplikasi pesan WhatsApp untuk Android versi terbaru telah mulai diterapkan sistem enkripsi, dan akan dilakukan proses penerapan secara bertahap pada platform (iOS, Windows) lainnya.Meski demikian, pesan yang dikirim pengguna dalam percakapan grup dan melibatkan lebih dari dua orang, belum sistem enkripsi ini.WhatsApp sendiri saat ini diketahui memiliki lebih dari 600 juta pengguna diseluruh dunia.Penulis: Feriawan Hidayat/FERSumber:News

An Analysis of WhatsApp Forensics in Android SmartphonesMr. Shubham SahuPursuing Bachelor ofEngineering inComputer Science&Engineering|FounderChhattisgarh InfoSecSociety (NGO)cybersecurityguru@gmail.comAbstractWhatsApp is mobile application which allowsexchange ofmessages, videos, audios and images viaSmartphone. The increased use of IM on Android phoneshas turned to be goldmine for mobile and computer forensicinvestigators. This paper focuses on conducting forensicdata analysis by extracting useful information fromWhatsApp and from similar applications installed onAndroid platform.KeywordsWhatsApp, Android Forensics, WhatsAppSecurity, Data Security.I. IntroductionWhatsapp allows to text messaging, send images, video, andaudio media messages. The application is available for Android,Blackberry, iOS, Symbian (s60), and Windows phone. WhatsappInc. was founded in 2009 by Brian Acton and Jan Koum, bothveterans of Yahoo!People are exchanging information like images, videos, activitiesand events. But despite of getting connected with friends formore and more time, their privacy is also getting morevulnerable to threats by hackers and cyber criminals.There is norestriction on the length and number of messages onecan exchange and no carrier IM fees apply. One does not need toinstall a sim-card to use WhatsApp; the only requirements are asupported phone, internet connection and storage space on thephone to download the application.WhatsApp uses a customized version of the open standardExtensible Messaging and Presence Protocol (XMPP). AfterWhatsApp is installed in any mobile, it creates a user accountusing the phone number as the username (ID: [phonenumber]@s.whatsapp.net). WhatsApp automaticallysynchronizes all the phone numbers fromusers phonebook withits centralized database of WhatsApp users to add contacts to theuser's WhatsApp contact list.Previously, WhatsApp messages were not encrypted, that meansdata which was sent and received was in plaintext, meaningmessages could easily be read easily if packet traces wereavailable.WhatsApp NOW AND BEFOREWhatsApp data is stored in the Internal Memory of the mobilephone. After it is installed, it automatically synchronizes with thephone'scontactsshowinguserswhoarealreadyusingWhatsApp.When a mobile with WhatsApp installed is turned on,com.whatsapp process receives a signal to start the'ExternalMediaManage' and 'MessageService' services whichruns in the phones background till the phone is turned on.BeforeWith the starting version of WhatsApp 2.9 the messagesexchanged was stored in 'msgstore.db' which is SQLitedatabases. But in early versions security researchers found thatthe chat records which was handled by WhatsApp wasvulnerable, because the database file which saves the chatconversations was not encrypted and can easily accessiblethrough many ways to get the whole conversation chat detailsincluding images, videos, contacts and so on. As this news hitsthe internet, security researchers started researching withWhatsApp database (msgstore.db) to retrieve the conversationeven the deleted ones from the chat option. But WhatsAppreacted soon and came up with an encryption mechanism toprotect its database.NowNow,accordingtoofficialsofWhatsApptheyaretakingtheconversation database security in a very serious manner, nowWhatsApp database encryption having custom AES encryptionalgorithm with above 192-bit encryption key mainly used forWhatsApp Android Platform. So now the previous filemsgstore.dbis converted tomsgstore.db.crypt.II.Material and MethodologyThe major problem after having the filemsgstore.db.cryptis itsdecryption. Thanks to contribution of Francesco Picasso whomade a tool to decrypt and organize SQLite database files in anorganized HTML form. The tool works for both encrypted anddecrypted database files. The WhatsApp Database EncryptionProject has made known a vulnerability in the Androidimplementation of the AES Cipher: the 192-bit key can bedetected performing both static or active analysis on thesoftware package.A python script uses this same key to decrypt the encrypted dbfile and presents the result in awell organised HTML page. ThepaperimpliesthatthesameencryptionkeyisusedforallWhatsApp installations on Android. In this methodology, wehave used this Python tool to decrypt and read our encrypteddatabase and it was done successfully with the latest version ofWhatsApp 2.11.186. We can alternately read the database filesthrough the 'SQLite browser' but the timestamps andrepresentation of data is not straightforward. Another advantageof WhatsApp Xtract tool is that all the media contents that areexchanged are displayed on the HTML page itself, one does nothave to look into the media folder separately. The tool can beuseful in comparing the data we analyze.Finding the information:WhatsApp stores all its chats on a SQLite database: Thepath ofdatabase file is different from platform to platform.Android:(/sdcard/WhatsApp/Databases/msgstore.db.crypt)iOS:

InternationalJournalofEngineeringResearchISSN:2319-6890)(online),2347-5013(print)VolumeNo.3,IssueNo.5,pp:349-35001May2014IJER@2014Page350(Application/net.whatsapp.WhatsApp/Documents/ChatStorage.sqlite)Main Features:WhatsApp database can be inspected for both iOS(ChatStorage.sqlite) and Android (msgstore.db &wa.db) devices;Emoticons and attachments (images / video / audio /gps / contacts) are shown in themessage content.How to use:Step 1:Download WhatsApp Xtract package on your computerand extract it.Step 2: Download and install Python programming languageenvironment on your computer.Step 3: Open the folder where you downloaded the WhatsAppXtract archive. Find a filewith name!install pyCrypto.bat, rightclick on it and click run as administrator. This bat file willexecute the following Python command,pypm installpycrypto.This common automatically installs the pycrypto library onyour computer, which will be used to decrypt the WhatsAppbackup data.Step 4: In the same folder, run eitherwhatsapp_xtract_iphone.bat,whatsapp_xtract_android_crypted.batorwhatsapp_xtract_android.batDepending upon the backup file you used. To run any of thesefiles, simply right click on it and click run as administrator, justlike above.You can also runwhatsapp_xtract_console.batto specify theWhatsApp backup file manually./* For Android DB: */python whatsapp_xtract.py -i msgstore.db -w wa.db/* If wa.db is unavailable */python whatsapp_xtract.py -i msgstore.db/*For crypted DB*/python whatsapp_xtract.py -i msgstore.db.crypt/*For iPhone DB*/python whatsapp_xtract.py -i ChatStorage.sqliteResultsAs soon as the execution of the bat file or command iscompleted, all your WhatsApp backup data will be decryptedand will be displayed in the default browser on your computer.IV.ConclusionWhen doing a forensic investigation, having the most recentmessages for analysis can play a vital role. In addition to therecent messages one can look into deleted messages as well.Thus, retrieving the artefacts after the factory reset of the phoneor retrieving the deleted data can be taken as the future aspect.AcknowledgementI would sincerely like to thank Reader(s) of Department ofComputer Science, REC Raipur - Prof. Anurag Sharma & Prof.Uzma Ansari for their excellent guidance and support. Theirexceptional knowledge, wisdom and understanding haveinspired and motivated me. I wouldalso like to thank Mr.SaketModi, CEO of Lucideus Tech Pvt Ltd for his guidance.Referencesi.http://en.wikipedia.org/wiki/WhatsAppii.https://play.google.com/store/apps/details?id=com.whatsappiii."Forensic Analysis of Instant Messenger Applications on AndroidDevices.:IJCA 2013.iv.Zena Forensics WhatsAppXtract Tool- (Available Online)http://code.google.com/p/hotoloti/downloads/listv.http://developer.android.com/guide/components/fundamentals.htmlvi.Android Forensics, 1st Edition: Andrew Hoogvii."WhatsApp Database Encryption Project Report" :Cortjens, D., A.Spruyt, and W. F. C. Wieringa.viii.Whatsapp Hacking 2013 :Lucideus Tech Pvt. Ltd.ix.ForensicAnalysisofWhatsAppon Android Smartphones:University Of New Orleans.x.Open source tools for mobile forensics:Sans European DigitalForensics Summit.

6