
I thought WhatsApp and Signal share the same encryption


The encryption isn't alleged to have been compromised. The app itself deals with a lot of untrusted input (eg, thumbnailing video files you've been sent) so there's a meaningful attack surface outside the protocol itself.


Note for Signal users: in settings, you can disable link previews and automatic media download.


Why are link previews a problem? Presumably I only generate previews for links I've vetted.


It seems like most of the exploits come down to blowing up a parser of one data format or another. Myriad from which to choose, they are written in C for historical reasons, and probably play fast and loose with validation in the name of performance.


True, I guess you're right.


It was a buffer overflow in a VOIP stack:

* https://www.theverge.com/2019/5/14/18622744/whatsapp-spyware...

Interestingly enough, Signal (and others) had the same sort of vulnerability on Android from a WebRTC stack:

* https://googleprojectzero.blogspot.com/2020/08/exploiting-an...

The big issue in both cases is that the exploit was triggered before the user answered the call.

I think the moral here is that a secure messenger should not execute inherently insecure code (i.e. complex code) on behalf of entities that are not really well trusted by the user. The default should be always plain text.


The other moral here is to stop using memory unsafe languages. It's just so incredibly dumb that we keep making excuses for this.


> The other moral here is to stop using memory unsafe languages. It's just so incredibly dumb that we keep making excuses for this

Has your "memory safe" language been audited for security?


I think most influential companies such as Microsoft and Google have said that C and C++ need to be deprecated. I think replacing old code with memory safe languages takes time, effort and money. Hopefully in a decade this can be fully done.


Does Rust make RCE impossible? I don't think it does.

There is the option of not having data and code sharing the same stack, that seems like a better solution to me but such an option is not usually talked about.


It makes this kind of easy pivot to RCE impossible. Attacks these days are generally more sophisticated than simple buffer overflows, fwiw. Targeting function pointers from a heap overwrite gives the same capabilities.


> Does Rust make RCE impossible? I don't think it does.

Well, RCE (cargo) is built into it. /s


> I think the moral here is that a secure messenger should not execute inherently insecure code (i.e. complex code) on behalf of entities that are not really well trusted by the user. The default should be always plain text.

WhatsApp and co. are very happy to execute untrusted code: images displayed in messages, websites fetched and rendered. Basically a bad actor's wet dream.


Was the spyware persistent? That is, would a reboot clear it? Not that it matters. Presumably, the attackers were so motivated they would re-infect the device the moment they saw it go dark.


No, and you've provided a good reason why it doesn't have to.


The group exploited a bug in WhatsApp to deliver the spyware. It wasn't an E2E issue.

> A U.S. judge ruled on Friday in favor of Meta Platforms' (META.O) WhatsApp in a lawsuit accusing Israel's NSO Group of exploiting a bug in the messaging app to install spy software allowing unauthorized surveillance.


The attack wasn't targeting the encryption part of WhatsApp (afaik).

Encryption is important but it often is not the weakest link in the security chain.


People have to start assuming that any communication method in use is compromised. There’s just no way on earth orgs like the NSA would throw their hands up in the air and not find multiple different avenues into an app like Signal. It’s one of the most downloaded messaging apps. Investment into compromising it is very worthwhile. People should just assume everything involving a cell phone or computer is inherently insecure. Meanwhile for some analog methods (one time pads, even cupping a hand and whispering into another’s ear, etc), the power balance isn’t so lopsided between the state and the individual as it is with digital communications where everything is probably compromised in some way by now.


Password managers are such a high target that I wonder how we’ve convinced people to put all their passwords in the same software.


Depends on your threats.

I’m more worried about financial scams than I am anything related to government. Password managers with random passwords are an excellent guard against that threat.

If I were worried about state actor threats, any keys or passwords would be memorized.


I'm not sure that would be a good idea. Do you, personally, want to be the weak link in the chain to something a nation state wants?


Whether I know the password, or I know how to access the password via a password manager, I am still the weak link.

The point is that a password manager is an additional weak link in the chain.


Well, hacking the password manager doesn’t involve you meeting a $5 wrench.


Kinda sounds like I prefer to be compromised via password manager…


Back to using the same password everywhere then.

Bitwarden is already a big step up from what most people are doing, then if you want to hide from government you better make sure you save your password on an extremely secured device. But that's another threat level from the average Joe.


A great number of comments and posts on this site rave in favor of password managers and their use for "security" and convenience, despite what you say being such a very obvious flaw.


KeePass has been around for ages for free.... surprised cloud solutions are so popular


Well no Chinese should be using software that involved Americans. That is just common sense. When the chips are down everyone gets drafted by their country's security apparatus.



