WhatsApp maybe not as secure as we thought
Discussion
https://www.dailymail.co.uk/news/article-15739739/...
Worker in Dubai arrested after contents of suppsedly private WhatsApp group aquired by UAE government.
Does this mean the end-to-end encryption is now worthless or did someone join group posing as a friend ?
Worker in Dubai arrested after contents of suppsedly private WhatsApp group aquired by UAE government.
Does this mean the end-to-end encryption is now worthless or did someone join group posing as a friend ?
55palfers said:
https://www.dailymail.co.uk/news/article-15739739/...
Worker in Dubai arrested after contents of suppsedly private WhatsApp group aquired by UAE government.
Does this mean the end-to-end encryption is now worthless or did someone join group posing as a friend ?
If you think anything on your phone is secure your deluded. If they want to I'm sure the security services can get into anything on them.Worker in Dubai arrested after contents of suppsedly private WhatsApp group aquired by UAE government.
Does this mean the end-to-end encryption is now worthless or did someone join group posing as a friend ?
You'll see more of this in future I think. Anthropic have created Myrhos, which can detect security vulnerabilities, and has given early access to software firms to protect them as it has allegedly already found exploits in every OS & browser already. I'm guessing state actors already have access too.
But even without AI, Israel had Pegasus which was being used by loads of nations for spying on dissidents.
With AI helping handle the information overload problems of mass surveillance and every adult with an internet connection being pushed for verifiable identification in order to save the children from the very social media firms pushing for this data, we're going to be seeing loads of this I think.
But even without AI, Israel had Pegasus which was being used by loads of nations for spying on dissidents.
With AI helping handle the information overload problems of mass surveillance and every adult with an internet connection being pushed for verifiable identification in order to save the children from the very social media firms pushing for this data, we're going to be seeing loads of this I think.
55palfers said:
https://www.dailymail.co.uk/news/article-15739739/...
Worker in Dubai arrested after contents of suppsedly private WhatsApp group aquired by UAE government.
Does this mean the end-to-end encryption is now worthless or did someone join group posing as a friend ?
Remember that you don't have to read the message in flight (where it's encrypted) it could have been compromised on-device in some way once decrypted on the phone.Worker in Dubai arrested after contents of suppsedly private WhatsApp group aquired by UAE government.
Does this mean the end-to-end encryption is now worthless or did someone join group posing as a friend ?
UAE have pretty limitless resources and a limitless desire to control information about themselves, so no doubt that would be investing heavily in cyber exploits, they're not the only ones and it's a never-ending game of cat and mouse with the tech cos.
But on the balance of probability they've gotten it from a device post encryption. Likely at the airport where they can seize phones for inspection and use security services level tech to exploit them. They will also simply ask for the PIN and often people will give it. Someone has ended up with the lamp in their face being asked by angry looking Dubai Security Services "why do you have these pictures on your phone" and the poor sap has said "Bob sent it to the group chat" about half a second later.
My parents lived in the Middle East for decades, their tolerance of Western societal norms is finite and very rigid. If they say don't take or share pictures then don't, they have no sense of humour about it at all.
But on the balance of probability they've gotten it from a device post encryption. Likely at the airport where they can seize phones for inspection and use security services level tech to exploit them. They will also simply ask for the PIN and often people will give it. Someone has ended up with the lamp in their face being asked by angry looking Dubai Security Services "why do you have these pictures on your phone" and the poor sap has said "Bob sent it to the group chat" about half a second later.
My parents lived in the Middle East for decades, their tolerance of Western societal norms is finite and very rigid. If they say don't take or share pictures then don't, they have no sense of humour about it at all.
Funk said:
Remember that you don't have to read the message in flight (where it's encrypted) it could have been compromised on-device in some way once decrypted on the phone.
Indeed. There was a recent report the FBI recovered some deleted Signal messages from the notification cache / history on an iPhone:https://www.404media.co/fbi-extracts-suspects-dele...
z4RRSchris said:
they are not getting it off the device, they can read every whatsapp sent, they have a back door.
Maybe, but I don't think so. Not even Whatsapp can read them in transit and once they're delivered they're off their servers. 'Backdoors' don't really exist, they're called 'exploits' and as soon as they're discovered it's a massive priority to patch them. Our own Gov wanted a law to insist a 'backdoor' for whatsapp and other encrypted communications was created, but it doesn't work like that, you can't just give the 'good guys' access. It's much, much easier and more practical to exploit a device that relies on end-users to patch and secure. 768 said:
Extraordinary claims require extraordinary evidence.
people in Oman have had a knock on the door from the police for things said on whatsapp to a family member. the dubai case this thread is about:
Dubai Police have confirmed in official internal documents that “electronic monitoring operations” were used to detect a photo shared within a private WhatsApp group,
Im pretty sure as a condition of being able to operate in the ME, you have to provide the back door.
anyway, people out there think whatsapp is monitered
768 said:
z4RRSchris said:
they are not getting it off the device, they can read every whatsapp sent, they have a back door.
Extraordinary claims require extraordinary evidence.The mask is coming off the tax free oasis. Do anything they dont like and you will end up in prison and it may take years for the embassy to help you.
Safer than london my arse.
P-Jay said:
z4RRSchris said:
they are not getting it off the device, they can read every whatsapp sent, they have a back door.
Maybe, but I don't think so. Not even Whatsapp can read them in transit and once they're delivered they're off their servers. 'Backdoors' don't really exist, they're called 'exploits' and as soon as they're discovered it's a massive priority to patch them. Our own Gov wanted a law to insist a 'backdoor' for whatsapp and other encrypted communications was created, but it doesn't work like that, you can't just give the 'good guys' access. It's much, much easier and more practical to exploit a device that relies on end-users to patch and secure. Who controls the WhatsApp app? Whatsapp
z4RRSchris said:
768 said:
Extraordinary claims require extraordinary evidence.
people in Oman have had a knock on the door from the police for things said on whatsapp to a family member. the dubai case this thread is about:
Dubai Police have confirmed in official internal documents that electronic monitoring operations were used to detect a photo shared within a private WhatsApp group,
Im pretty sure as a condition of being able to operate in the ME, you have to provide the back door.
anyway, people out there think whatsapp is monitered
The app store isn't shipping out a different Whatsapp client. And they block calls; if they could defeat the signal protocol I doubt they'd do that and turn down all that data.
It seems far, far more likely that they're just hacking end user devices, still.
Gassing Station | News, Politics & Economics | Top of Page | What's New | My Stuff