Here’s one guaranteed to make us all feel better:
Dubai police snooped on a private WhatsApp group to snare an airline worker who shared images of a building damaged in the Middle East crisis.
Authorities accessed a closed chat between colleagues, downloaded evidence and then lured the man to a meeting and arrested him.
He is in custody facing charges including publishing information deemed harmful to state interests which carries a maximum sentence of two years.
Radha Stirling, chief executive of Detained in Dubai, said: ‘Dubai Police have now explicitly confirmed they are conducting electronic surveillance operations capable of detecting private WhatsApp messages.
‘Individuals are being tracked, identified, and arrested not for public statements, but for private exchanges between colleagues.
‘Companies like WhatsApp must answer urgent questions about user privacy.
‘If private communications can be detected and used as the basis for arrest by overreaching or hypersensitive states, users worldwide need clarity on how their data is being accessed.’
According to the police report, authorities stated the clip was detected ‘through electronic monitoring operations’.
So much for “privacy” and “end-to-end encryption”. The question — now that the cat’s out of the bag — is quite simple: did the Dubai feds hack into WhatsApp, or did WhatsApp just hand the encryption key over to them?
We all know that in Arab nations, personal freedoms have about as much permanence (and relevance) as an ice cube in the desert when it comes to their governments.
But lest we get all smug and complacent, I’m willing to bet that a similar situation is in place pretty much everywhere — and the United States is no exception.
watch some of John Kiriakou’s videos online. He was a CIA intelligence officer who was convicted of leaking information about the CIA’s use of torture in the early 2000s. I don’t know how much of what he has said is true but in one of his videos, he stated that your television and your phone do spy on you and the information is readily available to the government. I would not be surprised to find out that this is true. In the US, it’s just a question of whether the government wants to use this information or not.
First off, don’t use WhatsApp, it was more or less made to be a surveillance tool.
If you connect to the internets a all in any way shape or form, you have a slight illusion of anonymity and no privacy at all.
Its why agencies also never get reprimanded. The CIA either directly or indirectly runs sites like pornhub where they can use you camera phone to match you up with your kink-of-choice and oh my, what will the voters think.
Whatsapp and facebook (and any other thing in their ecosystem) don’t have end to end encryption, EVERYTHING is stored in such a way that their employees can read every single message.
And I can warrant a guess that a good part of their venture capitalist shareholders are situated in the Arab world, Qatar, Dubai, and Saudi.
And just as with Visa/Mastercard where the same is true, they WILL do whatever pleases their shareholders (including specifically censoring anything that goes against islamic sensibilities).
So I’d not be at all surprised if some automated detection tool at Meta detected content the Emirati government wouldn’t like and they had their employees create a nice fat file and contact Dubai police without even being asked to.
There us another possibility; one of the members of the group was an informant for the government (plant or someone caught doing something else wrong and flipped) and are using the discussion of “hacking into” the chat as a cover to protect their source.
I ‘ve been told by local LE that “random traffic stops” that net a big haul of drugs are often actually the result of a tip or a snitch, and the traffic stop is a cover to protect the source.
Hack or snitch. Either is plausible.
This year, my wife was selected for Grand Jury service. One of the cases raised to their evaluation involved a statutory rape charge between an adult male and a very-below-legal-age female. Documentation was presented of very explicit text messages sent between the male and female on the WhatsApp platform. This was obtained via a warrant request, and Meta complied by giving them the complete text history between the two contacts for a certain date range. My wife was shocked that this information was obtained via warrant, she thought it was encrypted and secure. I’ve been following this for years so we had a long discussion afterwards about what “encryption” really means on the Internet, and how far you can trust it. It was eye opening for her, but not surprising for me. So, yes, that information is completely not secure to the US legal system.
Oh yes. Encryption CAN be such that the servers don’t have the keys, but in case of whatsapp and fakebook that’s not the case. Everything is available in cleartext to employees.
If you encrypt with your own keys on your client, and the recipient is the only one with the decryption key, that gets a lot harder (not impossible, harder), with the degree of difficulty depending on the encryption algorithm and key generation system used.
Obviously this doesn’t work with the whatsapp and fakebook clients, you’d have to encrypt the text before pasting it into the message application, send it like that, and the recipient would have to copy it from the message application into a decryption application and decrypt it.
Which creates another problem (the classic problem of encrypted communications): how do you securely communicate the keys!