undefined | Better HN

0 pointsseppin9y ago0 comments

> You're implying that WhatsApp, Inc. gave the Egyptian government the ability to remotely retrigger this backdoor whenever they want to (for those who haven't actually read the article: this backdoor only works when WhatsApp issues a key change for a conversation, and only then in certain circumstances). In other words, you imply that Egypt said "Hey WhatsApp, please actively hack into your Egyptian users' messages and send us the results" and WhatsApp said "ok sure here ya go".

No, the private hackers Govs hire were able to use an exploit to snoop on Whatsapp. That's very probable.

0 comments

jyrkesh9y ago

Yeah, but that's not how the exploit would work. If you read the article, the "backdoor" is that WhatsApp could "generate" a new private key without your knowledge. Except that instead of generating a key, they'd use a well-known key. From there, they could give that key to state actors, or they could decrypt the traffic themselves and give it to state actors.

Either way, you need server side control of WhatsApp.

swegg9y ago

Which you could get by hacking WhatsApp endpoints.

ameister149y ago

Is there any evidence that this happened?

j / k navigate · click thread line to collapse