106

Can the government decrypt your WhatsApp chats? (lemmy.ml)

submitted 1 year ago by Fisch@lemmy.ml to c/privacy@lemmy.ml

86 comments fedilink hide all child comments

For open source messengers, you can check whether they actually encrypt your messages and whether the server has access to your encryption keys but what about WhatsApp? Since it's not open source, you can't be sure that the encryption keys aren't sent to the server, right? Has there been a case where a government was able to access WhatsApp chats without reading them from the phone itself?

you are viewing a single comment's thread
view the rest of the comments

[-] EveryMuffinIsNowEncrypted 1 points 1 year ago

They are not.

[-] Kusimulkku@lemm.ee 1 points 1 year ago* (last edited 1 year ago)

As far as I know the private keys are kept on the device and the app generates them. That's how Signal protocol works afaik. Do you have something to show that it's not the case for WhatsApp since stuff I searched for seemed to claim that's the case.

[-] EveryMuffinIsNowEncrypted 1 points 1 year ago

So, I looked it up and according to the official Whatsapp FAQ, the keys are indeed stored locally.

WhatsApp has no ability to see the content of messages or listen to calls that are end-to-end encrypted. That’s because the encryption and decryption of messages sent and received on WhatsApp occurs entirely on your device. Before a message ever leaves your device, it's secured with a cryptographic lock, and only the recipient has the keys. In addition, the keys change with every single message that's sent.

Still, considering WhatsApp is owned by Facebook, I wouldn't trust them. Their whole business model has always been about harvesting as much data as they can. I wouldn't be surprised if this turns out to be a total lie.

[-] Kusimulkku@lemm.ee 1 points 1 year ago

For sure they're not trustworthy and can't really verify either since it's proprietary app. But I mean more that unless they've specifically made some changes, the keys are stored locally. And afaik we don't really know of cases proving that they are lying about that.

[-] EveryMuffinIsNowEncrypted 1 points 1 year ago* (last edited 1 year ago)

Fair enough, I guess. Still, in my honest opinion, it's not worth it. They've already long since betrayed my trust, so they could say the sky is blue and I still wouldn't trust them. Lol.

this post was submitted on 09 Oct 2023

106 points (100.0% liked)

Privacy

34133 readers

666 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS