When asked about WhatsApp’s security in the wake of reports that the crown prince of Saudi Arabia hacked the Amazon CEO’s phone via a WhatsApp message, Clegg seemed to struggle with defending the messaging app’s security.
Speaking to the BBC, Clegg, a former UK deputy prime minister, attempted to shift blame for the incident onto Apple. But his meandering explanation wasn’t exactly clear.
“It sounds like something on the, you know, what they call the operating, the operating, the phone itself,” he sputtered. “It can’t have been, it can’t have been anything on the, when the message was sent in transit, because that’s end-to-end encrypted on WhatsApp.”
He continued: “It’s a bit like if someone sends you a malicious email, it only comes to life when you open it. I suspect it must have been something like that, so something would have affected the phone operating system.”
If that sounds incomprehensible to you, well, you’re not alone.
Facebook declined to elaborate on the comments, but it seems Clegg is trying to make two separate points: 1) WhatsApp’s encryption wasn’t compromised (which hasn’t been alleged in relation to the Bezos incident), and 2) if Bezos’ phone was compromised via WhatsApp, it’s because of flaws in his phone’s operating system.
Clegg isn’t the first Facebook official to make this argument. Earlier this week, Facebook’s VP for Europe, the Middle East, and Africa also pointed the finger at “operating systems.” (Bezos used an iPhone.)
“One of the things that it highlights is actually some of the potential underlying vulnerabilities that exist on the actual operating systems on phones,” Facebook’s Nicola Mendelsohn said in an interview at Davos.
The issue with this explanation? While it’s convenient in keeping Facebook’s long-running beef with Apple alive, it ignores the fact that WhatsApp is vulnerable to spyware and other security flaws. Which is why security experts say it’s inadvisable for world leaders or, say, billionaire CEOs, to conduct official business with the messaging app.