So one issue around privacy is that bad actors get access to your data through commercial or spurious routes. Manipulation through coercive commerce is real. And all the data gatherers are guilty of it.
What about Governments tracking their opponents, activists and journalists raising their voices against whatever they believe is against the interest of the citizens? NSO an Israeli company was recently called out by WhatsApp for hacking into the app. This was done by “remotely install(ing) surveillance software on phones and other devices using a major vulnerability in messaging app WhatsApp,” reports BBC. So how did it work? ‘attackers used WhatsApp’s voice calling function to ring a target’s device. Even if the call was not picked up, the surveillance software could be installed.“ Prof Alan Woodward from the University of Surrey quoted said it was a “pretty old-fashioned” method of attack. ” A buffer overflow is where a program runs into memory it should not have access to… in which malicious code can potentially be run”.
What’sApp disclosed the attack but critical questions remain – does updating WhatsApp actually remove the Spyware? Jury is still out.
Where I learnt this #392
WhatsApp discovers ‘targeted’ surveillance attack