Kobeissi has in the past lauded the ease of use of web-based crypto apps.
But he concedes that Check Point's findings are a strong example of why those web apps are prone to forms of attack that mobile apps aren't.
"It’s kind of heartbreaking to have to say this, but if you’re someone in a precarious situation and you care about your security, I’d recommend you use Whats App on an i Phone," he says.
Check Point's attacks take advantage of flaws in how the two apps perform "input validation," the process that ensures an image or video is the type of file it appears to be rather than a piece of code that would run potentially dangerous commands in the victim's browser.
And security researchers say the attacks point to inherent vulnerabilities in the web versions of any secure messenger.
When privacy counts, the smartphone is safer ground."Unfortunately, this does highlight a weakness specific to web applications," says Nadim Kobeissi, the founder of the applied cryptography consultancy Symbolic Software.
Are you using the right techniques to capitalise on it?
Guests are less loyal and more demanding than ever before.v=UR_i5XSAKrg&feature=Whats App noted in a statement that it had addressed the flaw Check Point discovered in less than a day from when the company was notified.It nonetheless urged users to restart their browsers to make sure they're protected.Ra called Telegram's security issue "several orders of magnitude less severe" than Whats App's.But security researchers following the news argue it makes a broader point about the relative fragility of browser-based encrypted apps compared with those running on traditional operating systems.They use online travel agents (OTAs) and aggregators to find the best hotels and deals – which helps operators fill their rooms, but at a cost.