With the increased popularity of smartphones my friends are trying to get me to use WhatsApp. Because of the same reason why I ditched ICQ a few years ago, I’ll refuse to use WhatsApp in its current state, at least, until it at least has some encryption at all.

Though WhatsApp is using the Port 443 for its communication, the messages sent via the messenger aren’t encrypted at all, so if you’re using a Sniffer in any public wifi or multi-device network where somebody is using WhatsApp, you’re actually able retrieving the username, phone numbers and messages of everyone involved in the communication.

Another problem is, that it may be possible for WhatsApp as a company to read and sort all your sent messages, and I’m pretty sure nobody really wants that.

If you’re mainly using WhatsApp via 3G network, you’re not affected by the sniffing issue at least.

So what to do about this?

  1. Choose a way of communication which is more secure than WhatsApp is. I, myself, use XMPP, Skype and Mail for most of my daily communication.
  2. Skype messages are 256-bit AES encrypted.
  3. XMPP can be extended via plugins enabling things as E2E encryption and OTR communication.
  4. Mail can and should be encrypted via PGP, it’s my prefered way of communication.
  5. If you have to use WhatsApp, it may be possible to encrypt your message using PGP manually and send it via WhatsApp; it’s probably one of the only ways using this messenger securely.