WhatsApp calls: the perfect malware distribution method

A bombshell over the weekend with unprecedented consequences: WhatsApp, an app used by 1.5 billion people around the world, was discovered to contain a vulnerability that infected any phone with a simple phone call.

Not only did you not need to answer the call at all, the target would be left none the wiser, as the malware it installed could also allegedly erase call logs. Who's responsible for the attack? According to the report, it was developed by Israeli company, NSO Group. 

Not only did it catch Facebook by surprise, leaving it just a few days to resolve the flaw, the company doesn't actually know which users were targeted yet. According to some stories, the company resolved it in "less than ten days" and secured the back-end infrastructure to prevent it from being used.

We don't know much about the attack specifically other than it being logged as a buffer overflow exploit that allowed attackers to exploit every phone platform from iOS to Android, Windows Phone and even Tizen. 

If there's any good news at all here, it's that Facebook believes it was incredibly complex to deploy the attack, and highly valuable as an exploit, so it would only have been used by "highly motivated" actors—meaning specific user targeting.

What about NSO Group, the folks supposedly behind this attack? They're a private Israeli company, which is well known for creating surveillance-based attacks and selling them to whoever is willing to buy. Citizen Lab reported on Monday that a human rights lawyer was targeted (and blocked) by WhatsApp—but it shows how grave these kinds of attacks can be for real people.

Amnesty International has backed a lawsuit, which will be filed in Israeli court tomorrow, against the Ministry of Defense for allowing private companies like NSO Group to run rampant—but others have wondered aloud about why international governments haven't sanctioned the company either, which makes one wonder if they're also customers.

NSO, naturally says that it's "carefully vetted" customers for any abuse—whatever that means—and absolved itself for blame for whatever its customers do with the things it invents, saying that "NSO would not, or could not, use its technology in its own right to target any person or organisation, including this individual.

A reminder, if anything, to secure yourself as best you can against threats—but also that everything is sometimes incredibly futile.

Disney just took full control of Hulu

If you thought Disney+, the company's mega-streaming-service, was the entire story, you would be mistaken. I wrote a few weeks ago about how Disney has quietly pursued a takeover of Hulu's streaming service, which it owns a majority of, and it's now successfully won: Comcast will give up its stake.

A long series of dances will commence from here, but Disney played this acquisition incredibly well with a special "put/call" agreement that allows either side to force the sale whenever they feel like pulling the string. The deal also says that Comcast will provide NBCUniversal content for Hulu, in exchange for "certain Disney content" on its own streaming service, which will debut this year.

Welcome to the streaming wars—the smell of money is in the air, and everyone wants in. Just a year from now, it's going to look incredibly different from today, as all of these major players are making metaphorical content land-grabs as quickly as possible. Then, they'll come for your monthly money.

Tab Dump

Apple's facing a big antitrust case over the App Store—and it just lost the first step [CNBC]
The Supreme Court ruled on Monday that Apple may have a monopoly over the App Store, which it created for its own platform, due to how it enforces rules surrounding payments and the simple fact that enforces rules on app-makers, who are prevented from mentioning that they offer payments elsewhere. This case will go on for years but this ruling is a bad, if symbolic, first blow.

Lenovo shows off a prototype folding ThinkPad, coming in 2020 [The Verge]


I remain convinced that this is a better use case for foldable screens than phones ever were, and the quality of the implementation even though this is a year away demonstrates that—this is the WestWorld tablet we all deserve.

The OnePlus 7 looks like a phone from the future [VentureBeat]
No notches, a retractable camera and a 90hz screen. I... don't need a new phone but this looks fabulous.

Apple just made it as easy as a single tap to pay for things like Bird scooters [9to5Mac]

Uber's CEO acknowledged in an internal email that it had a rocky IPO—but says it's always this way for a while [Bloomberg] 

Facebook faces a FTC agreement that would place probes on the company for 20 years—and the ruling will be announced in a month [Reuters]