
The article doesn't really say what hackers had access to, but it sounds like they had full control over their phones. There is a lot bigger story here and I'd love to read a post-mortem in a few months.

Also, WhatsApp is such an obvious target for a state actor. I saw several articles over the last year that mentioned Jared Kushner using WhatsApp so I assume a lot of government folks use it for off the books "encrypted" communication.




A buddy of mine is Special Forces (U.S.). He said JSOC recently banned use of WhatsApp and encouraged everyone to switch to the open-source Signal (another encrypted messaging app). Allegedly WhatsApp uses Signal's encryption (OpenWhisper) but I stopped trusting it the second Facebook bought them out.


> Allegedly WhatsApp uses Signal's encryption (OpenWhisper)

About the partnership: https://signal.org/blog/whatsapp-complete/

But of course, in this case the issue seems to be either compromise of the device(s) via zero days, WhatsApp usage simply being the target matrix - and/or leveraging a zero day in WhatsApp for full device compromise.

It's unlikely Signal would be immune - they didn't crack the encryption, they cracked the app/OS.

In olden times the vector might have been a font, or a gif.

The only advantage signal has is a conservative interface and small userbase. I'm not sure if they do some kind of hard-line whitelisting of attachments though - if you can pack an exploit as a file, I'm pretty sure you could send it via signal.


> The only advantage signal has is a conservative interface and small userbase.

Signal is open source, WhatsApp is not. So how did you determine Signal has only one advantage over WhatsApp, without access to the WhatsApp source code?


Advantage in terms of security vulnerabilities - evidence seems to indicate that having the source code available isn't a big factor in reducing zero days. In addition, signal isn't any more protected against a rooted device.

Nothing seems to indicate a back door here.


If one assumes that WhatsApp are implementing the protocol as well as signal are (which I do), then I think there are three questions in deciding what is more secure:

1. Do you trust Facebook (or open whisper systems) with your metadata/expect them to delete it?

2. How likely are there to be bugs (in the app, not in the protocol itself) which lead to exploits. On the one hand WhatsApp probably have more people working on the app and likely more security people too. On the other hand they may be pushed to add more features and having lots of code churn may introduce security holes.

3. How much work will be put into exploiting each app. On the one hand more people use WhatsApp but on the other, I guess security conscious people may be more likely to use signal.

A known exploit to WhatsApp happened due to 2 with a bug in how audio calls were initiated. I don’t really have a good guess as to how the apps compare on points 2 and 3 but I guess WhatsApp loses on 1. A more practical point is that it’s likely easier to convince someone to use WhatsApp than signal, especially for group chat.


WhatsApp will rekey and send old messages without notifying the user. This means MITM is possible and not always detectable. This is their intended design (but you can change the preference so that you at least get notified when it happens).

(Widely reported, see Guardian article)


That Guardian article was pretty bad. It scared a lot of people from WhatsApp (which is still in general more secure than most options) to text messaging by claiming that this was somehow some huge security flaw.

From WhatsApp’s point of view this was a reasonable UX trade-off. It is a major pain point of Signal when it does this (particularly in group chats where it is more likely to happen).

But I agree that from a strict security focused point of view this is a disadvantage to WhatsApp.


Sorry, but this is a major security flaw. WhatsApp, their mothership Facebook, or any party who can coerce them into doing so (e.g. the US government), can use this to rekey targets with their own keys, virtually undetectable by most regular users, thereby completely MITMing the message exchanges.

Even moxie, who created this stuff, more or less admitted this[0], by saying the rekeying notification is the only defense, but that one is off by default in WhatsApp last I checked (which moxie confirmed[1]), which makes WhatsApp insecure by default at the very least. I wouldn't be surprised if WhatsApp servers know if this notification setting is on or off, which would enable them to e.g. target people with insecure default settings only to avoid detection.

I already said this in [0], but let's repeat it: This is essentially the same as if a web browser would just accept any TLS certificate without showing a warning, no matter whether it is valid or the issuer trusted.

Sure, this is a hard problem to solve UX-wise and user-education-wise, but that doesn't excuse that you advertise your known-and-deliberately-insecure-by-default default-MITMable product as "secure communication using end-to-end encryption".

[0] https://news.ycombinator.com/item?id=13395869

[1] https://news.ycombinator.com/item?id=13396393


Anyone expecting secure messaging from WhatsApp must have Rekeying Notification set ON. Compare it to having a lock installed and using the key to close the lock.

Personally I can not imagine Human Rights Activist having the Rekeying Notification set OFF.


This is not like a lock and using the key. Not in the very least. It has as much to do with a physical lock as it has to do with a toaster or a banana. Nothing.

>Personally I can not imagine Human Rights Activist having the Rekeying Notification set OFF.

I can. A lot of those people are not tech savvy. And the targets of e.g. the most recent NSO story weren't just activists, but a lot of other people too, politicians, state officials, lawyers, journalists, etc.

And on top of that, this system becomes MITMable as soon as one of the communicating parties has notifications off (or ignores them, which then comes back to the UX and education issue).
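The rekeying trade-off argued over in the comments above, as an added example that is not part of the thread and is not WhatsApp's or Signal's code: a toy client pins a contact's identity key on first use and then handles a server-reported key change under three policies (silent accept, accept with notice, block until re-verified). The class, the function names and the key bytes are constructed for illustration, and no real encryption is performed.

```python
import hashlib

def fingerprint(key: bytes) -> str:
    """Short, human-comparable digest of an identity key."""
    return hashlib.sha256(key).hexdigest()[:16]

class Client:
    """Hypothetical messaging client; models key-change policy only, no real crypto."""

    def __init__(self, block_on_change: bool, notify_on_change: bool):
        self.block = block_on_change
        self.notify = notify_on_change
        self.pinned = {}    # contact name -> identity key pinned on first use
        self.notices = []   # warnings shown to the user
        self.sent_to = []   # (key fingerprint, message) pairs actually sent

    def send(self, name: str, server_key: bytes, text: str) -> bool:
        """server_key is whatever identity key the server currently reports for name."""
        pinned = self.pinned.setdefault(name, server_key)  # trust on first use
        if server_key != pinned:
            if self.block or self.notify:
                self.notices.append(
                    f"{name}: key changed {fingerprint(pinned)} -> {fingerprint(server_key)}")
            if self.block:
                return False                  # hold the message until the user re-verifies
            self.pinned[name] = server_key    # non-blocking: accept the new key and carry on
        self.sent_to.append((fingerprint(server_key), text))
        return True

def simulate(block: bool, notify: bool):
    """Send once under the original key, then once after the server reports a new key."""
    original, replaced = b"constructed-key-A", b"constructed-key-B"  # constructed sample keys
    client = Client(block, notify)
    client.send("alice", original, "hello")
    delivered = client.send("alice", replaced, "meet at noon")
    went_to_new_key = any(fp == fingerprint(replaced) for fp, _ in client.sent_to)
    return delivered, went_to_new_key, len(client.notices)

if __name__ == "__main__":
    for label, policy in [("silent accept", (False, False)),
                          ("accept + notice", (False, True)),
                          ("block until verified", (True, True))]:
        print(label, simulate(*policy))
```

Only the blocking policy keeps the second message away from the unverified key; the notice-only policy tells the user after the message has already gone out.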


'On the one hand WhatsApp probably have more people working on the app'

From a career in software development, I tend to feel that the more devs, the buggier. Maybe, MAYBE (number of QA)/(number of devs) = reliability coefficient.


The size of the red team could also be significantly larger. The more people you have looking for security holes the more likely to find them


Correlates with my experience, too, however size of the QA team is not a reliable indicator. I've seen it first hand where the QA is huge, but doesn't have good devs, only people that point out process flaws.


A QA team is trying to find bugs with the current release. They are not looking for mitm attacks or misuse. That would be more security who are generally looking for more obvious issues at the network level.


Keep in mind also that WhatsApp also demands full access to ALL your contacts in order to really work properly, as opposed to Signal where you just add the people you want to use Signal with


Even if they implement the Signal protocol, they have additional modifications to support ads, which increases the attack surface.


Well, and as pointed out elsewhere the signal protocol only covers messages in transit. How keys are managed, etc. also strongly affect security. In the signal app, the phones own the keys rather than another entity (hence why messages get rekeyed on whatsapp and why you're easily able to load messages on a new phone).


Reread my comment. If you have additional code to support things like ads, you add attack surface for people to find a way to inject code execution in the context of the WhatsApp process, which has access to the decrypted messages.


Does WhatsApp have ads?


They are already onboarding advertisers and will have ads appear in the app very soon. https://www.independent.co.uk/life-style/gadgets-and-tech/ne...


It doesn't. At first, it used an SMS IIRC that charged you a dollar every month or year, not sure. Then they scrapped that and they are now basing the income on WhatsApp for Business, although I don't know if they are charging yet. But as operating costs were actually low, they mostly ran off of papa Facebook's dollars.


Approx 20 months ago, numerous people I had contact with working in western military special operations units dropped WhatsApp in a fairly brief period of time.


Interesting. I think, FB matches whatsapp numbers with fb profiles and other meta data.


Facebook didn't buy Signal. One of the original executives from Facebook left to help start the Signal foundation with Moxie precisely because he had become sick of Facebook's insane behavior.


I think you misinterpreted the parent comment—I read it to mean that they stopped trusting WhatsApp as soon as Facebook bought them despite using the same technology as Signal. Your interpretation might be right, though.


No, you're correct. I stopped trusting WhatsApp after the Facebook acquisition.


FYI, WhatsApp added end-to-end encryption after Facebook acquisition.


I have been using Signal for a while and I try to convince people to use it, however I'm curious if using Signal would have prevented this. It sounds like they got into WhatsApp servers and then did something else to get full access to people's phones.


> recently banned use of WhatsApp and encouraged everyone to switch to the open-source Signal (another encrypted messaging app)

Oversimplification: WhatsApp is based on Signal, but repurposed for Facebook.


NSO still have multiple unpatched 0 days in WhatsApp, Telegram and most other messaging apps.

Your best bet is to use something obscure so you cannot easily be targeted or not being connected to the same net.

At the Israeli army we had phones that ran completely separate software stacks and talked to a different network for this. Nothing was on the internet.


Also since modem stacks are so terrible - ideally two phones where one is just a hotspot for the other one and the one using the hotspot does not have a cellular modem. Also ideally not Android or iOS.

Of course it is better to not be on the public internet with any sensitive device if at all possible. Anything on the internet is considered public.


Security by using obscure software has its own problems, alas.

You have less eyeballs looking for exploits on the good guys side as well. So problems stay open.


Within my experience, security by obscurity works only if you're low profile. If significant amounts of money will be spent decrypting your mess, it's game over.

OTOH, we usually only hear about the failed attempts, so there's a selection bias.


I deliberately didn't use the phrase security by obscurity, because that usage of obscurity is synonymous with secrecy. And that's not what the original comment was about.

I agree about the low profile being necessary (even if not sufficient).


Terminology: vulnerability or flaw is what the good guys are looking for. Exploits are implementations of the attack enabled by the vulnerability.


The more obscure and different the less likely. If closed source the knowledge belongs to the creators. If the circle is extremely small the chance of that knowledge being shared with your enemy is low. It goes up when that circle is increased.

When you want the biggest circle open source is safer. If your circle is small closed will be safer.


Your enemy can often learn those secrets not by being shared, but by other means. Eg reverse engineering.

But in any case, the original comment was using 'obscure' in the sense of uncommon not in the sense of 'secret'. As far as I can tell.


That sounds pretty cool. Did you all have your own separate physical layer just for military too, or did you use the same physical layer as the civilian world?


That's really clever. Using a custom made program or something obscure would be the only safe way.


PureOS + GNURadio + a software-defined radio + a power amplifier...


Based on the U.K. news, approximately everyone in parliament uses WhatsApp to talk/scheme with one another


Not just the UK, most international diplomacy is done through Whatsapp: https://www.theguardian.com/technology/2016/nov/04/why-do-di...


This is why I've been telling everyone that WhatsApp end-to-end encryption is moot if the client isn't open-source.

Nobody listens though, until something like this happens.


It says the hackers had access to WhatsApp servers, so they can tell who is talking to whom, and depending on how WhatsApp does encryption they may have been able to decrypt messages. I say may, because WhatsApp had pitched itself as an encrypted messaging system, though personally I’d bet they could because it’s easy to claim your service is encrypted and yet still design backdoors for yourself.


The article is garbling the WhatsApp allegations: WhatsApp says the hackers abused WhatsApp servers to hack phones, not that the servers had a flaw. To send the malicious payloads to the victims, the hackers sent messages that flowed over WhatsApp's networks, which is largely what they're hanging the lawsuit on.

https://context-cdn.washingtonpost.com/notes/prod/default/do...

The actual flaw was this one: https://nvd.nist.gov/vuln/detail/CVE-2019-3568



