The discussion revolves around how users have managed to bypass WhatsApp Web's locked chat feature, highlighting the shortcomings in WhatsApp's security measures. The participants note that many features are enforced client-side, making them vulnerable to manipulation via developer tools. This has led to a broader conversation about security in web applications, particularly focusing on the inadequacy of security-through-obscurity. One user contrasts the expectations of a 'locked' feature with its actual implementation, questioning its effectiveness and purpose. Additionally, there's mention of challenges with Facebook's bug bounty programs due to account issues, further emphasizing the challenges in reporting vulnerabilities.