> A tiny app written by McAfee’s team was downloaded onto two brand new Android phones which were used for the message exchange.

Does this mean they installed malware on the devices before the messages were exchanged?

> John McAfee supplied a screen shot from his team’s server. They removed all pixels which could identify the server.

I'm curious about this. How would someone identify the server using pixels in the screenshot?

> When asked who was to responsible for the vulnerability, McAfee was quick to say WhatsApp should not be blamed, and the problem is with Google. He claims to have discovered a serious design flaw within the Android operating system that allowed his team to access virtually everything happening within all Android devices.

Fking clickbait. "Android" is not so trendy this month.

If I'm reading this correctly, a keylogger or screen reader on each device would achieve the same result which wouldn't be as much 'reading encrypted messages' as it would be 'reading unencrypted information on a compromised device'.

End to end encryption means from the moment you press send to the moment the receiver views the message.

So they could listen to the keyboard and the screen to 'read' the message before it is sent.

Nothing new here.