Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
steve19
on Sept 8, 2015
|
parent
|
context
|
favorite
| on:
WhatsApp Security Vulnerability
It simply allows you to send arbitrary files. No different to sending a link to a virus over email or putting a link on a Web page.
Stupid/normal users would then try run the downloaded file.
NullCharacter
on Sept 8, 2015
[–]
It's a little more guileful than that, and it definitely is a flaw with WhatsApp not validating their file types/formats.
sambe
on Sept 8, 2015
|
parent
[–]
But only a little - you could argue the vast majority of e-mail attachments are .doc etc with parsing bugs rather than straight .exe. Contrary to the gushing "using only their phone number" in the article, they admit that gullibility is required.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Stupid/normal users would then try run the downloaded file.