1
0
9x0rg.com/content/posts/infosec/the-cia-didnt-break-signal-or-whatsapp.md

32 lines
1.9 KiB
Markdown
Raw Normal View History

---
title: "The CIA didn't break Signal App"
date: 2017-03-08T10:06:00+06:00
draft: false
tags: ["encryption","infosec","signal app","whatsapp","data privacy","cia"]
author: "9x0rg"
hidemeta: false
ShowReadingTime: true
ShowPostNavLinks: true
showtoc: false
cover:
image: "<image path/url>"
alt: "<alt text>"
caption: "<text>"
relative: false # To use relative path for cover image, used in hugo Page-bundles
---
**The CIA didn't break Signal or WhatsApp... despite what you've heard.**
The agency might be able to break into your phone, but files released today show no ability to intercept encrypted chats before they arrive there.
> There's been one particularly misleading claim repeated throughout coverage of CIA documents released by WikiLeaks today: that the agencys in-house hackers “bypassed” the encryption used by popular secure-chat software like Signal and WhatsApp.
>
> It doesnt. Instead, it has the ability, in some cases, to take control of entire phones; accessing encrypted chats is simply one of many security implications of this.
>
> Its also true that the CIA can bypass PGP email encryption on your computer. And the CIA can bypass your VPN. And the CIA can see everything youre doing in Tor Browser. All of these things can be inferred by the documents, but that doesnt mean using PGP, VPNs, or Tor Browser isnt safe.
>
> Basically, if the CIA can hack a device and gain full control of it — whether its a smartphone, a laptop, or a TV with a microphone — it can spy on everything that happens on that device.
>
> It of course remains possible (as it always has and always will) that the CIA has cracked the encryption of Signal, WhatsApp, or any other piece of software. But WikiLeaks hasnt provided any evidence of that here today.
>
> -- Sam Biddle & Micah Lee in [The Intercept](https://theintercept.com/2017/03/07/the-cia-didnt-break-signal-or-whatsapp-despite-what-youve-heard/)