Originally published at: https://boingboing.net/2019/05/14/pegasus-over-whatsapp.html
…
Funny how active “retired spies” are. And how these groups are always unaffiliated with any government agencies. The denials sound quite plausible.
WhatsApp is yet another festering boil on Facefuckingbook reputation. Oh, remember it’s free to use too…
Now, NSO has been caught deploying its “Pegasus” malware via a new and frightening defect in Facebook’s Whatsapp messenger. Facebook’s description of the bug is that it is “A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number.” Practically speaking, that means that someone who initiates a Whatsapp call to your Iphone or Android device can seize control of the device, even if you don’t answer the call.
Is that a bug, or a feature?
Asking for a hostile foreign power.
Whisper Systems’ Signal.
Whisper Systems’ Signal.
Whisper Systems’ Signal.
This would include all these “cybersecurity experts” that we believe unconditionally. But you don’t mean Skripal, right? He was just spending his golden years puttering in his English country garden.
There you go. FTFY
A teenage coder exploits a vulnerability and circumvents security measures and collects data = charges under one or many of these :
- Section 1 of the Criminal Law Act 1977
- Sections 1 - 3ZA of the Computer Misuse Act 1990
- Section 1 of the Regulation of Investigatory Powers Act 2000
- Sections 44 - 46 of the Serious Crime Act 2007
- Money laundering offences under the Proceeds of Crime Act 2002
- Section 55 of the Data Protection Act
$1b corporation does same, for profit =
Apropos WhatsApp: Imagine what kind of competitor it could become for Facebook if it remained independent. Or, more relevantly, whether the security would be as scrappy as it is now because security is so important to Facebook.
This topic was automatically closed after 5 days. New replies are no longer allowed.