How a WhatsApp call could have taken over your phone | Cyber Security

0
Want create site? Find Free WordPress Themes and plugins.

 

Google just unsealed information about an apparently exploitable bug in that could have allowed a malevolent caller to take over your device.


Just answering a could have been enough to land you in trouble.

Project Zero researcher Natalie Silvanovich found a buffer overflow that could be triggered by data transmitted as part of the audio and video stream during a call.


WhatsApp, along with many other online calling apps, uses RTP, short for Real Time Protocol, for transmitting voice and video.

RTP was designed to be efficient – for example, it uses UDP instead of TCP, so that data arrives faster but less reliably. (UDP packets aren’t checked to see if they made it to the other end, and can arrive in a mixed-up order; TCP packets are verified and delivered in the order they were sent, which means more network overhead.)

If you lose some data packets from an app you are downloading, the entire download will be corrupted and useless; if you drop occasional voice packets, you’ll just have some inaudible moments in the call.

Unfortunately, RTP also squeezes its data into a binary packet format that needs careful unravelling at the other end to work out what sort of data was sent, how to deconstruct it, and how much data to expect.

Did you find apk for android? You can find new Free Android Games and apps.

You might also like More from author

Leave A Reply

Your email address will not be published.