Facebook has blamed Apple’s operating system for the hacking of Amazon Founder and CEO Jeff Bezos’s phone, saying WhatsApp’s end-to-end encryption is unhackable. Analysts believe that Bezos’s iPhone was compromised after he received a 4.4MB video file containing malware via WhatsApp – in the same way when phones of 1,400 select journalists and human rights activists were broken into by Pegasus software from Israel-based NSO Group last year.
Facebook’s Vice President of Global Affairs and Communications, Nick Clegg, said in an interview with the BBC last week that it wasn’t WhatsApp’s fault because end-to-end encryption is unhackable and blamed Apple’s operating system for Bezos’ episode.
Clegg told the show host that “It sounds like something on the, you know, what they call the operate, operated on the phone itself. It can’t have been anything on the, when the message was sent, in transit, because that’s end-to-end encrypted on WhatsApp.”
Clegg compared the hack to opening a malicious email, saying that “it only comes to life when you open it”.
A firm that has investigated Bezos’ phone, after that the video file was received, Bezos’ phone started sending unusually large amounts of outbound data, including his intimate messages with his girlfriend Lauren Sanchez, according to a report from FTI Consulting.
According to Clegg, “something” must have affected the phone’s operating system.
He also mentioned that “As sure as you can be that the technology of end-to-end encryption cannot, other than unless you have a handset, or you have the message at either end, cannot be hacked into.”
WhatsApp provides end-to-end encryption by default, which means only the sender and recipient can view the messages. But the piece of NSO Group software exploited WhatsApp’s video calling system by installing the spyware via missed calls to snoop on the selected users.
According to leading tech policy and media consultant Prasanto K. Roy, end-to-end encrypted apps (E2EE) do provide security, and messages or calls cannot be intercepted and decrypted en route without enormous computing resources.
Recently, Roy told IANS that “But once anyone can get to your handset, whether a human or a piece of software, the encryption doesn’t matter anymore. Because on your handset, it’s all decrypted.”