[seppin]

> You're implying that WhatsApp, Inc. gave the Egyptian government the ability to remotely retrigger this backdoor whenever they want to (for those who haven't actually read the article: this backdoor only works when WhatsApp issues a key change for a conversation, and only then in certain circumstances). In other words, you imply that Egypt said "Hey WhatsApp, please actively hack into your Egyptian users' messages and send us the results" and WhatsApp said "ok sure here ya go".

No, the private hackers Govs hire were able to use an exploit to snoop on Whatsapp. That's very probable.

[jyrkesh]

Yeah, but that's not how the exploit would work. If you read the article, the "backdoor" is that WhatsApp could "generate" a new private key without your knowledge. Except that instead of generating a key, they'd use a well-known key. From there, they could give that key to state actors, or they could decrypt the traffic themselves and give it to state actors.

Either way, you need server side control of WhatsApp.

[swegg]

Which you could get by hacking WhatsApp endpoints.

[ameister14]

Is there any evidence that this happened?