The question that I have is related to this article: DubaiP arrest over whatsapp chats
I am aware that WhatsApp has encryption problems but how does Pegasus, the spyware actually work so easily against E2EE? Does it mean we are just defenceless against it?
Also, I don’t think that it could be Pegasus used for this specific scenario but there have been multiple reports of individuals being arrested over their private chats being monitored through Pegasus.
The authorities are obviously not going to release any details about it and how they made this happen and breach WhatsApp.
Also, this makes me question WhatsApp and if its encryption truly is E2E and if this person is not using iPhone with Lockdown Mode or GrapheneOS, I’m not surprised they could get access to it.
UAE is like any other non democratic authoritative state. Just because you have shiny buildings, big malls and a regional business and tourism hub, doesn’t mean it’s still terrible for your freedoms and privacy. I speak from experience.
Pegasus does not directly break E2EE, instead it takes control of your device so it can access decrypted communications and every other app.
Pegasus doesn’t break E2EE. Instead, it bypasses it entirely by compromising the device itself. Once your phone is infected, the spyware operates with very high privileges.
At that point, encryption is no longer the barrier. Messages are encrypted only while in transit. On your device, they must be decrypted before you can read them. Pegasus takes advantage of this by accessing data directly on the device, either from memory or by capturing the screen and inputs. So it can read messages in their decrypted form without ever needing to crack the encryption protocol.
That’s why E2EE doesn’t protect against a fully compromised device.
There isn’t enough detail in this article to know what really happened.
There could have been an unauthorized silent member in the group chat added via social engineering. One of the chat members WhatsApp account could have been compromised via phishing.
Or there could have been mercenary spyware deployed against one or more group chat members that collected decrypted data from their phone.
Always remember that any communication activity is only as safe as the least secure participant. If 5/6 group chat members have great OPSEC it doesn’t matter if number 6 clicks every link sent to them.
All of these have happened before and the best defenses known to be effective:
Some additional steps:
Highly capable mercenary spyware has continued to proliferate at an alarming rate. But there are steps normal people can take to mitigate the danger to a decent degree thanks to things like Lockdown Mode and the Graphene project.
No need for all that speculations. Pegasus was largely covered and analyzed.
You can check the excellent work made by Amnesty International and Forbidden Stories or just take a look at the wiki
Edit:
There is also this very good documentary by PBS
Also use disappearing messages, so if the device is compromised, there is less history.
So many ifs/buts/maybes from this article. Also worth remembering people can ‘report’ messages to WhatsApp directly. A bizarre feature by any stretch of the imagination.
Anyone having “private” conversations via WhatsApp needs to re-evaluate how they communicate. Irrespective of any threat model.
WhatsApp’s E2EE claims are subject to a US lawsuit. But a WhatsApp leakage is irrelevant if there was a full device compromise or one of the group members ratted them out.
Exactly. E2EE only stops the mass surveillance that is exploiting servers and observing communications there. E2EE doesn’t help if your device is hacked or backdoored. Whether or not that constitutes as mass surveillance depends on how easy attacking endpoints is to automate.
There’s a few things that you can do. First, some messengers like Signal offer break-in key recovery where you need continuous presence on the endpoint, or continuous MITM attack with exfiltrated identity keys. Anything less than that and the double ratchet recovers and locks the attacker out.
You can also avoid becoming a target by hiding metadata about who you talk to. Cwtch is your best bet for that: Always routed through Tor, and you get excellent granular control over the Onion Service addresses you expose to your contacts, meaning you get to control what kind of social graph your accounts create. An attacker can’t go to talk to your friend and ask if this Cwtch address belongs to you, if you’re giving everyone a different Cwtch address.
After that it gets into endpoint security. The tldr of options you have is
Use reduced TCB like Yubikey to store your encryption keys. This doesn’t protect against hacker reading plaintexts from the endpoint though.
Use airgapped TCB, i.e. PGP with airgap. Hak5 has a fun video on this https://www.youtube.com/watch?v=D_xrlAGzQfs You’ll lose forward secrecy but the main problem of that is key compromise and if the attacker is unable to inject malware to the QR-codes, and unable to have the malware inject your keys into ciphertexts that you scan out, you’re safe. If the attacker can do that, you’re again SoL.
Use split airgapped TCB with unidirectional gateways. This just expands on the idea of airgapped TCB with two airgapped devices with split TCB, that prevents attacker from either accessing the encrypting device, or if they can do that, from getting keys/plaintexts out from the decrypting device. You can do that with PGP and for unidirectional data transfer, either “endless” supply of thumb drives or preferably, simple data diodes. For the latter there’s a better way. I’ve written TFC, (GitHub - maqp/tfc: Tinfoil Chat - Onion-routed, endpoint secure messaging system · GitHub) a chat system for this particular purpose.
The trade-off of adding endpoint security with isolation is your endpoint gets bulkier. Airgap takes two computers, TFC-like HW-setups require three computers. The bigger issue this brings is portability and day-to-day use, and to lesser extent, it looks more suspicious unless disassembled.