[sasas]

There is a big difference. A compromised device would mean that _everything_ you do is being open to surveillance. Passive taps limits the eavesdropper to rely on either the transport being unencrypted or vulnerabilities in related software. In other words, passive network surveillance will only reliably provide a limited subset of information, such as meta-data, rather then content of the payload which may or may not be available to the organisation undertaking the surveillance.

WhatsApp can't defend against screenshots on your device. The article states -

It runs in the background and takes a screenshot every time the user opens an app.

[nnfy]

Perhaps you're not familiar with Intel's management engine?

[LeoPanthera]

If you are suggesting that the IME is being used by the NSA to spy on Americans, there is no [citation needed] big enough for your comment.

[TheAceOfHearts]

Not necessarily, but unless every part of the stack is open, how can you truly be certain? For desktops it's not as big of a deal, since you can monitor the network activity through a router. But for a smartphones it seems like it'd be much harder to detect.

EDIT: Active spying might be pushing it too far, but backdoors? It wouldn't surprise me to learn my hardware has a few backdoors.

[bdamm]

"How often, or on what system, the Thought Police plugged in on any individual wire was guesswork." -Orwell, 1984.

[Cyph0n]

I might have agreed with you pre-Snowden, but now we know that there seem to be no such limits.

[Karunamon]

There's no concrete evidence of such a thing, but keep in mind that the ME is advanced enough and exerts enough control over the installed system that it can be hacked and a keylogger covertly installed.

Knowing what I know of enterprise coding standards, the likelihood is greater that it is being abused than it isn't.