Announcement

Collapse
No announcement yet.

This WhatsApp hack

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    This WhatsApp hack

    So Israeli software targeting human rights lawyers which basically allows the user to take over your entire phone operating system. The company who make it argue extremely unconvincingly that it's not their fault (we just sell it to governments like Saudi Arabia, we can't be held responsible for them dismembering dissidents)

    Of late more and more people have suggested I should get WhatsApp. Don't think I'll be bothering any time soon.

    #2
    Very nasty stuff indeed.

    Amnesty had already brought an action in Israel seeking to have their export licence revoked.

    Comment


      #3
      Is it best to reinstall or just update?

      No surprise to hear that it's Israel behind this. They've got previous with hacking phones.

      Comment


        #4
        They are so far being coy on whether the patch eliminates any spyware that may have been downloaded.

        That said, it looks as if one had to be specifically targeted in order to be infected.

        Comment


          #5
          I've uninstalled it and then reinstalled. I have automatic updates on anyway but this is worrying especially as all chats were meant to be encrypted.

          Comment


            #6
            Originally posted by Reginald Christ
            I'd happily dispense with WhatsApp in favour of Signal but I need the former for work. As do millions of others, I imagine.
            Eh?

            Surely all you need for work are the apps that have been downloaded by your IT support.


            Most of them will be Microsoft products, surely, so you do not need anything else?

            Comment


              #7
              The Israeli state is welcome to my mundane messages based around quiz nights, football, piss-ups and piss-taking.

              Comment


                #8
                I'm sure there's a Warner Bros / Reg Uspatoff joke just waiting to erupt here.

                Comment


                  #9
                  There's an awful lot of that around. It's horrific.

                  Comment


                    #10
                    Why?

                    What is the corporate offering?

                    teams?

                    Skype?

                    whatever?

                    It's not up to your manager to set up his (I'm assuming he under the circumstances) a wanky little app for you to stay in touch


                    HR tell you how to keep in touch if you can't come in


                    Not Clem Fandango and his fucking iPhone.

                    Comment


                      #11
                      (To Reg) That probably contravenes GDPR.

                      Comment


                        #12
                        You get work WhatsApp chats on your personal mobile? Ugh ugh ugh.

                        Comment


                          #13
                          Some of us don't get the option of a work only one.

                          Comment


                            #14
                            Originally posted by Sporting View Post
                            Some of us don't get the option of a work only one.
                            But you get the option of refusing to use your personal mobile phone and data plan for work purposes, surely.

                            Comment


                              #15
                              It was a slightly throwaway comment on my part given that the majority of the places I've worked for haven't abused their access to my phone and also that in my line of work access to both employer and employee is generally beneficial to all concerned.

                              Comment


                                #16
                                Originally posted by NickSTFU View Post
                                The Israeli state is welcome to my mundane messages based around quiz nights, football, piss-ups and piss-taking.
                                I think the point of this hack is not that they can access what you put on Whatsapp, but that they can use it to basically take all the information from your mobile phone. Calls, texts, photos, everything. Again, quite possibly not really that much of a problem to anyone here, but to people like human rights lawyers? Who need to keep their contacts with frightened persecuted people secret?

                                Comment


                                  #17
                                  Plus Israel has no scruples at all and will deal with any regime to suit their own ends.

                                  This hack allowed them complete access to the phone as well as the ability to use the camera etc. Frightening to know how they were able to do this and potentially what they've got.

                                  The question is how many people have been indirectly affected by this, one prominent lawyer probably has thousands of contacts.

                                  Int addition how did this come to light?

                                  Comment


                                    #18
                                    Originally posted by ad hoc View Post

                                    I think the point of this hack is not that they can access what you put on Whatsapp, but that they can use it to basically take all the information from your mobile phone. Calls, texts, photos, everything. Again, quite possibly not really that much of a problem to anyone here, but to people like human rights lawyers? Who need to keep their contacts with frightened persecuted people secret?
                                    I was being facetious. I am well aware of the impact of this on human rights lawyers and their clients. I am also well aware that fuck all squared will be done about.

                                    Comment


                                      #19
                                      Sorry, what's this hack got to do with the Israeli state? My understanding is that it was developed by an Israeli company?

                                      Comment


                                        #20
                                        It was. A company which has made no secret of the fact that they have sold it to loads of very dodgy regimes all over the place. Though to imagine that there was no Israeli state involvement, both as developer and client, beggars belief somewhat.

                                        Comment


                                          #21
                                          Originally posted by ad hoc View Post
                                          It was. A company which has made no secret of the fact that they have sold it to loads of very dodgy regimes all over the place. Though to imagine that there was no Israeli state involvement, both as developer and client, beggars belief somewhat.
                                          Leaps of logic abound.

                                          The issue is that many governments and intelligence agencies—very dodgy or otherwise—buy these vulnerabilities.

                                          Comment


                                            #22
                                            Well there are 3 issues
                                            1. That these vulnerabilities exist in the first place (which raises the questions as to what extent WhatsApp/Fb were already aware of this up until this point)
                                            2. That this company developed a way of hacking into it, weaponising it and therefore turning a profit (knowingly turning a profit on human rights abuses)
                                            3. That a bunch of state actors (presumably sold this directly by the company, perhaps through state involvement) used this

                                            So, your issue is number 3. I think they are at least two other very major issues here.

                                            Comment


                                              #23
                                              On the other hand, are we expecting too much from free online communications platforms?

                                              Before the internet, phone calls, faxes and post could be intercepted. Yet now we are all demanding super duper encryption. Maybe we need to dial down our expectations.

                                              Comment


                                                #24
                                                Originally posted by anton pulisov View Post
                                                On the other hand, are we expecting too much from free online communications platforms?

                                                Before the internet, phone calls, faxes and post could be intercepted. Yet now we are all demanding super duper encryption. Maybe we need to dial down our expectations.
                                                I think that is fair enough. We should never assume that communication that is happening on something like Whatsapp or Instagram or Gmail or whatever is super secure. However i do think we have a right to assume that through these applications nefarious actors can turn on the microphone and camera in our hardware and use it to directly spy on everything we say and do.

                                                Comment


                                                  #25
                                                  Originally posted by ad hoc View Post
                                                  Well there are 3 issues
                                                  1. That these vulnerabilities exist in the first place (which raises the questions as to what extent WhatsApp/Fb were already aware of this up until this point)
                                                  2. That this company developed a way of hacking into it, weaponising it and therefore turning a profit (knowingly turning a profit on human rights abuses)
                                                  3. That a bunch of state actors (presumably sold this directly by the company, perhaps through state involvement) used this

                                                  So, your issue is number 3. I think they are at least two other very major issues here.
                                                  #1 is conjecture. As for #2, agencies and governments buy vulnerabilities, often from nefarious groups on the dark web. Including your own government.

                                                  Comment

                                                  Working...
                                                  X