Re: "Me thinks the UK bod really was implying that you install spyware on one of the devices "
Maybe it did explode but nobody noticed.
Maybe nobody noticed because there wasn't anything in there to go "pop" in the first place?
Saying that, fat good it is having uber secure and encrypted app if you run it on a complete sieve of an OS like Android.
Fact is, Android was designed from the ground up for spying. That was its prime purpose. Sure, the spying was for Google so they could target ads and make money off you (hence the OS was free) rather than some dark government agency, but spying none the less.
Hence why permissions are such a tacked on joke, and you have to fight the OS to stop it sending data to third parties (and you can never be sure you got it all).
The problem is, even if Google do not co-operate and provide access to their spying system to governments (which I find unlikely they would deny, even if they publicly deny it) government black hats can reverse engineer the OS and find them themselves.
It is like when you insert a backdoor into a system, for whatever reason (even a complete pure and noble one), there is always the chance someone else will stumble upon it, and abuse it.
Same here, so when the GHCQ boss says they can access encrypted messages, I believe him, they don't have to break the encryption, or the app itself.
If the underlying OS is compromised, everything above it is blown wide open (to the point of them pulling the session keys out of memory if they wanted to). Keypresses, screen output, microphone, camera, the lot.
Biting the hand that feeds IT
