The WhatsApp spyware story tells us that nothing is secure
Posted in: Legal & Security at 19/05/2019 22:18
When Edward Snowden broke cover in the summer of 2013 and a team of Guardian journalists met up with him in his Hong Kong hotel, he insisted not only that they switch off their mobile phones but also that they put the devices into a fridge. This precaution suggested that Snowden had some special insight into the hacking powers of the NSA, specifically that the agency had developed techniques for covertly taking over a mobile phone and using it as a tracking and recording device. To anyone familiar with the capabilities of agencies such as the NSA or GCHQ, this seemed plausible. And in fact, some years later, such capabilities were explicitly deemed necessary and permissible (as “equipment interference”) in the Investigatory Powers Act 2016.
When Snowden was talking to the reporters in Hong Kong, WhatsApp was a four-year-old startup with an honest business model (people paid for the app), about 200m active users and a valuation of $1.5bn. In February 2014, Facebook bought the company for $19bn and everything changed. WhatsApp grew exponentially to its present ubiquity: it has more than 1.5 billion users and has spread like a rash over the entire planet.