Being one of the most popular instant messaging services in the world does not free you from criticism, nor does it save you from being the target of states, organizations or people who are inevitably attracted by the intimacy of others. In this sense the application Line, developed by Naver, faces pressure caused by accusations that brand it as insecure for allowing third parties to easily spy on the conversations of its users.
These accusations come from Thailand – a country where Line has its second market with 18 of its 230 million total users – where journalists from TelecomAsia have been able to intercept a chat conversation of the application using a software for capturing packets. In this way, they were able to transfer the information to a computer, from which they could reproduce its content with complete peace of mind.
The research work carried out has allowed us to verify how messages are sent as unencrypted text when using mobile internet – 3G data -, while if they have encryption most of the time they are sent over a WiFi network. In the same way, they affirm that the keys of the intercepted chat groups could be used to access the record of the last conversations of that group.
The reason for the non-encryption of messages sent through mobile data networks can be found in a post from January posted on the Naver engineers blog, which details how the SPDY protocol. Despite this, they admit that it was also decided to allow unencrypted connections because encryption “delays connection and transfer times, especially through mobile connections ”.
The finding of the TelecomAsia reporters highlights the possibility that operators, institutions or hackers can access the content of part of the messages sent through Line, as long as they have the necessary software.