
Hackers Claim They Can Read Encrypted WhatsApp and Snapchat Messages - mosesofmason
http://webcache.googleusercontent.com/search?q=cache:http://www.forbes.com/sites/stevemorgan/2016/05/14/hackers-claim-they-can-read-encrypted-whatsapp-messages-and-snapchat-messages-too/
======
doublec
> A tiny app written by McAfee’s team was downloaded onto two brand new
> Android phones which were used for the message exchange.

Does this mean they installed malware on the devices before the messages were
exchanged?

~~~
ComodoHacker
Yes, but no root is required, as research firm's CEO said.

------
cromano
> John McAfee supplied a screen shot from his team’s server. They removed all
> pixels which could identify the server.

I'm curious about this. How would someone identify the server using pixels in
the screenshot?

~~~
onion2k
At a guess I would suggest "pixels" is the journalist's interpretation of
"information". So really it will have had the EXIF meta data stripped out.

------
ComodoHacker
> When asked who was to responsible for the vulnerability, McAfee was quick to
> say WhatsApp should not be blamed, and the problem is with Google. He claims
> to have discovered a serious design flaw within the Android operating system
> that allowed his team to access virtually everything happening within all
> Android devices.

F __king clickbait. "Android" is not so trendy this month.

------
AliAdams
If I'm reading this correctly, a keylogger or screen reader on each device
would achieve the same result which wouldn't be as much 'reading encrypted
messages' as it would be 'reading unencrypted information on a compromised
device'.

~~~
onion2k
Or the app that gets installed manages to access WhatsApp's and Snapchat's
private keys on the device. Or compromises a system library that those apps
use to generate the user's keys when they're installed. They would be more
interesting attacks.

------
huuu
End to end encryption means from the moment you press send to the moment the
receiver views the message.

So they could listen to the keyboard and the screen to 'read' the message
before it is sent.

Nothing new here.

