Announcement

Collapse
No announcement yet.

This WhatsApp hack

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

    This WhatsApp hack

    So Israeli software targeting human rights lawyers which basically allows the user to take over your entire phone operating system. The company who make it argue extremely unconvincingly that it's not their fault (we just sell it to governments like Saudi Arabia, we can't be held responsible for them dismembering dissidents)

    Of late more and more people have suggested I should get WhatsApp. Don't think I'll be bothering any time soon.

    #2
    Very nasty stuff indeed.

    Amnesty had already brought an action in Israel seeking to have their export licence revoked.

    Comment


      #3
      Is it best to reinstall or just update?

      No surprise to hear that it's Israel behind this. They've got previous with hacking phones.

      Comment


        #4
        They are so far being coy on whether the patch eliminates any spyware that may have been downloaded.

        That said, it looks as if one had to be specifically targeted in order to be infected.

        Comment


          #5
          I've uninstalled it and then reinstalled. I have automatic updates on anyway but this is worrying especially as all chats were meant to be encrypted.

          Comment


            #6
            I'd happily dispense with WhatsApp in favour of Signal but I need the former for work. As do millions of others, I imagine.

            Comment


              #7
              Originally posted by Reginald Christ View Post
              I'd happily dispense with WhatsApp in favour of Signal but I need the former for work. As do millions of others, I imagine.
              Eh?

              Surely all you need for work are the apps that have been downloaded by your IT support.


              Most of them will be Microsoft products, surely, so you do not need anything else?

              Comment


                #8
                The Israeli state is welcome to my mundane messages based around quiz nights, football, piss-ups and piss-taking.

                Comment


                  #9
                  I'm sure there's a Warner Bros / Reg Uspatoff joke just waiting to erupt here.

                  Comment


                    #10
                    Originally posted by Guy Profumo View Post

                    Eh?

                    Surely all you need for work are the apps that have been downloaded by your IT support.


                    Most of them will be Microsoft products, surely, so you do not need anything else?
                    There's a WhatsApp group for my team, set up by our manager. People message it if they're going to be late/sick/etc.

                    Comment


                      #11
                      There's an awful lot of that around. It's horrific.

                      Comment


                        #12
                        Why?

                        What is the corporate offering?

                        teams?

                        Skype?

                        whatever?

                        It's not up to your manager to set up his (I'm assuming he under the circumstances) a wanky little app for you to stay in touch


                        HR tell you how to keep in touch if you can't come in


                        Not Clem Fandango and his fucking iPhone.

                        Comment


                          #13
                          (To Reg) That probably contravenes GDPR.

                          Comment


                            #14
                            It's not as draconian as I've made it sound, I should say. A couple of members post links to computer science articles, tutorials (and, inevitably, inane banter). But, yeah, it's not great.

                            Originally posted by Guy Profumo View Post
                            Why?

                            What is the corporate offering?

                            teams?

                            Skype?

                            whatever?
                            If it was a technology company I was working for then we'd probably use Slack for team communications. But this is meant to be more informal. But weirdly it's better to notify work this way instead of HR. There's a lot more leeway when it comes to being in late with my current manager than there would be with people to whom I'm just a name on a spreadsheet.

                            Comment


                              #15
                              You get work WhatsApp chats on your personal mobile? Ugh ugh ugh.

                              Comment


                                #16
                                Some of us don't get the option of a work only one.

                                Comment


                                  #17
                                  Originally posted by Fussbudget View Post
                                  You get work WhatsApp chats on your personal mobile? Ugh ugh ugh.
                                  Yep. It could be a lot worse in my case; none of us are on call.

                                  Back on topic.

                                  Among the people who were targeted was a UK-based human rights lawyer whose phone was attacked on Sunday as WhatsApp was in the process of neutralizing the vulnerability.

                                  ...

                                  Scott-Railton declined to name the UK lawyer but said he has represented Mexican journalists, government critics, and a Saudi dissident living in Canada in lawsuits against NSO Group. The legal actions allege NSO shares liability for any abuse of its software by customers.

                                  Comment


                                    #18
                                    Originally posted by Sporting View Post
                                    Some of us don't get the option of a work only one.
                                    But you get the option of refusing to use your personal mobile phone and data plan for work purposes, surely.

                                    Comment


                                      #19
                                      It was a slightly throwaway comment on my part given that the majority of the places I've worked for haven't abused their access to my phone and also that in my line of work access to both employer and employee is generally beneficial to all concerned.

                                      Comment


                                        #20
                                        Originally posted by NickSTFU View Post
                                        The Israeli state is welcome to my mundane messages based around quiz nights, football, piss-ups and piss-taking.
                                        I think the point of this hack is not that they can access what you put on Whatsapp, but that they can use it to basically take all the information from your mobile phone. Calls, texts, photos, everything. Again, quite possibly not really that much of a problem to anyone here, but to people like human rights lawyers? Who need to keep their contacts with frightened persecuted people secret?

                                        Comment


                                          #21
                                          Plus Israel has no scruples at all and will deal with any regime to suit their own ends.

                                          This hack allowed them complete access to the phone as well as the ability to use the camera etc. Frightening to know how they were able to do this and potentially what they've got.

                                          The question is how many people have been indirectly affected by this, one prominent lawyer probably has thousands of contacts.

                                          Int addition how did this come to light?

                                          Comment


                                            #22
                                            Originally posted by ad hoc View Post

                                            I think the point of this hack is not that they can access what you put on Whatsapp, but that they can use it to basically take all the information from your mobile phone. Calls, texts, photos, everything. Again, quite possibly not really that much of a problem to anyone here, but to people like human rights lawyers? Who need to keep their contacts with frightened persecuted people secret?
                                            I was being facetious. I am well aware of the impact of this on human rights lawyers and their clients. I am also well aware that fuck all squared will be done about.

                                            Comment


                                              #23
                                              Sorry, what's this hack got to do with the Israeli state? My understanding is that it was developed by an Israeli company?

                                              Comment


                                                #24
                                                It was. A company which has made no secret of the fact that they have sold it to loads of very dodgy regimes all over the place. Though to imagine that there was no Israeli state involvement, both as developer and client, beggars belief somewhat.

                                                Comment


                                                  #25
                                                  Originally posted by ad hoc View Post
                                                  It was. A company which has made no secret of the fact that they have sold it to loads of very dodgy regimes all over the place. Though to imagine that there was no Israeli state involvement, both as developer and client, beggars belief somewhat.
                                                  Leaps of logic abound.

                                                  The issue is that many governments and intelligence agencies—very dodgy or otherwise—buy these vulnerabilities.

                                                  Comment

                                                  Working...
                                                  X