
German police will be able to hack WhatsApp encrypted messages by end of 2017 - ayi
https://www.rt.com/news/397504-germany-state-hacking-whatsapp/
======
swerner
The headline and the rt.com article are a bit misleading, German speakers
should rather read the original source:
[https://netzpolitik.org/2017/geheimes-dokument-das-bka-
will-...](https://netzpolitik.org/2017/geheimes-dokument-das-bka-will-schon-
dieses-jahr-messenger-apps-wie-whatsapp-hacken/#Bericht)

"Police will be hacking WhatsApp" sounds much flashier than "they're
developing for malware". There is no cracking of encrypted messages going on.
This is about creating and distributing targeted malware to install on
(unsuspecting) suspects' devices in order to capture decrypted messages on the
end device.

~~~
nthcolumn
It should really say 'will be allowed to'.

------
dsfyu404ed
This is not about breaking encryption.

This is about creating and distributing malware to install on suspects'
devices in order bypass most encryption implementations

What should be most disturbing is the expected use case.

It's expected to be used in run of the mill cases. When you start doing
something like this at scale automating it at scale comes soon after.

I don't think anyone wants to live in a world where the police have a gui
button labeled "install on all suspects" and some software to infer messages
of interest based on a case number.

Think about all the stuff they did to identify the guys who bombed the Boston
marathon. All of that can (and it looks like it will) soon be automated.

Now imagine that it's applied to common crime. Imagine being picked up off the
street and interrogated because you unknowingly frequented a convenience store
that had a drug trafficking operation going on behind the scenes and an
automated system identified you (and 50 other people).

Would you like to live in a world where you can't talk about buying fireworks
for the 4th because you know if you do you'll get "randomly" pulled over every
time you drive back across state lines in the month of June

We're rapidly marching toward a world where that sort of stuff is possible at
scale.

------
kitchi
According to this article, they way they bypass WhatsApp's end-to-end
encryption is by gaining access to the host device itself, and then recording
everything that's on the screen.

So this would mean switching to something like Signal (which is in principle
more secure) shouldn't help.

I'm quite skeptical that they can do this in a general case - Perhaps
exploiting some zero days on some Android/iOS versions? I don't expect Google
and Apple to sit around and let this happen for too long though.

------
thor1299
rt.com is Russias state owned nees network, I would take this with a grain of
salt

~~~
LiveOverflow
title is misleading because it's not like Germany broke the encryption. But
this has nothing to do with rt, a lot of news outlets reported it in this way.
And in the article rt is is pretty clear what it is about: The law makes it
legal for the police to install trojans on a phone to gather evidence.

------
moomin
RT;DR

------
thinbeige
Title and article are misleading. They will be allowed to hack into smartphone
OSes but if _they can_ is totally different question.

------
d0mme
Not sure if this is already happening unofficially?

