1. 31

The original article is behind a paywall: https://www.ft.com/content/4da1117e-756c-11e9-be7d-6d846537acab


  2. 4

    I’m really curious to learn how something like this can happen. Has anyone found more technical details about this security vulnerability?

    1. 8

      Apparently, according to a comment, it exploited a buffer overflow in the VOIP code.

    2. 3

      Considering that WhatsApp uses the same protocol as Signal. I wonder if the issue is in this specific implementation or the protocol. What is the likely-hood of the same or similar issue existing in Signal?

      Is there any info if this bug was limited to iOS or does it also affect Android WhatsApp app?

      1. 2

        According to the original Financial Times report, it affects both.

        1. 2

          1: You are not correct, the article says nothing of the kind.

          2: According to an article by WIRED magazine on the topic, Signal is not vulnerable, just the WhatsApp implementation of the Signal protocol. Makes you wonder what other code is in there…

      2. 3

        The original article from FT is much more interesting, if you’re blocked by the paywall, it has been archived here: https://archive.is/Z6eto