Amazon Founder and CEO Jeff Bezos’s phone was hacked and for this Facebook has blamed Apple’s operating system for the hack saying WhatsApp’s end-to-end encryption is unhackable. Investigators believe that Bezos’s iPhone was compromised after he received a 4.4MB video file containing malware via WhatsApp. Facebook remained silent over the matter for a while but now the company has blamed Apple for the incident.
Facebook’s Vice President of Global Affairs and Communications, Nick Clegg in an interview with the BBC last week said it wasn’t WhatsApp’s fault because end-to-end encryption is unhackable and blamed Apple’s operating system for Bezos’ episode. “It sounds like something on the… you know, what they call the operate, operated on the phone itself. It can’t have been anything, when the message was sent, in transit, because that’s end-to-end encrypted on WhatsApp,” Clegg told the show host.
Facebook vice president Nicola Mendelsohn in an interview with Bloomberg Television at the World Economic Forum in Davos, Switzerland said that it was the faulty operating system that led to the hack. One of the things that it highlights is actually some of the potential underlying vulnerabilities that exist on the actual operating systems on phones.
According to a report from FTI Consulting, a firm that has investigated Bezos’ phone, after that the video file was received, his phone started sending unusually large amounts of outbound data, including his intimate messages with his girlfriend Lauren Sanchez.
WhatsApp provides end-to-end encryption by default and only the sender and recipient can view the messages but the piece of NSO Group software exploited WhatsApp’s video calling system by installing the spyware via missed calls to snoop on the selected users.
As per a leading tech policy and media consultant Prasanto K. Roy, end-to-end encrypted apps (E2EE) do provide security, and messages or calls cannot be intercepted and decrypted en route without enormous computing resources.
“But once anyone can get to your handset, whether a human or a piece of software, the encryption doesn’t matter anymore. Because on your handset, it’s all decrypted,” said Roy to IANS.