106
submitted 1 year ago by Fisch@lemmy.ml to c/privacy@lemmy.ml

For open source messengers, you can check whether they actually encrypt your messages and whether the server has access to your encryption keys but what about WhatsApp? Since it's not open source, you can't be sure that the encryption keys aren't sent to the server, right? Has there been a case where a government was able to access WhatsApp chats without reading them from the phone itself?

you are viewing a single comment's thread
view the rest of the comments
[-] Knusper@feddit.de 2 points 1 year ago

Problem is that they can still compromise it. Simplest method would be to just take what you've typed into the UI and send it two times. One time to your communication partners and one time unencrypted / decryptable for themselves.

But even if they're exclusively sending via Signal's library and not tampering with it or anything, they can still instruct Signal's library to add another member to a group chat. And that 'member' can be their server. It will be sent, fully end-to-end-encrypted, but to an end you don't know about.

this post was submitted on 09 Oct 2023
106 points (100.0% liked)

Privacy

32130 readers
524 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS