Skip to main content

WhatsApp "lastseen" privacy setting is USELESS and they don't care!

WhatsApp Web
"lastseen" Chrome Extension.

Some time ago I informed Facebook that the
privacy setting "lastseen" in WhatsApp is totally useless.

After a few e-mails thay told me they didn't consider this
a security problem, but a feature clearly stated
in WhatsApp T.O.S.

Well, then why is there a useless security setting?

Nevermind, I just coded a quick and dirty extension
for google chrome so the "last seen" of
the contacts hiding it, is shown next to their name!


Comments

Popular posts from this blog

Powerline Ethernet fun and secrets.

Many 200 Mb/s powerline adapters nowadays are based on the INTELLON 6300 chipset. Despite what can be thought looking at them, they are all using the same hardware and firmwares. I heard many people with Netgear XAV101 or Linksys PLK 200 or PLE 200 having problems after firmware updates and many other people with other brands having much more problems because of lack of support or configuration/upgrade utilities. So let me explain a few things I learnt studying them. Many of 200 Mb/s powerline ethernet adapters follow the "HomePlug AV" standard. (85 Mb adapters use HomePlug 1.0 standard which is completely different). This standard uses ethernet broadcast packets using the HomePlug AV protocol. The interesting thing is that their firmware is made of two different parts: a .PIB file (Parameter Information Block) and a .NVM file (the code itself). In the P.I.B. there are many interesting things: The branding (mac address, device name, etc) and the tone map. I test

TP-LINK Configuration file encrypt and decrypt.

Here we go! TP-Link is another company that thinks that security by obscurity could ever work. If you "backup" the configuration from most TP-Link routers, you will get a .BIN file which is "encrypted". Use this utility below, to decrypt it (so you can edit it) and encrypt it again. Have fun. Drop files here or

Obfuscation will never work.

ml> Hello again, sweet readers ! OpenRG is an embedded OS for routers. It's based on Linux and it's inside many ISP routers out there. Inside OpenRG configuration file, passwords appear in a way that can seem to be crypted, but it's just obfuscated. For example: (username(admin)) (password(&b7;X&5c;&b9;&a2;)) Above you can see a simple deobfuscator. Enjoy! You can try it with: &ad;Y&5b;&b3;&a3;&17;T&8b;&c4;&b9;#&96;&04;c&ea;&1d;$%&5d;&16;&08;B3&c0; :) Zibri.