
End-to-end encryption does not prevent Facebook from accessing WhatsApp chats - humanetech
https://medium.com/@gzanon/no-end-to-end-encryption-does-not-prevent-facebook-from-accessing-whatsapp-chats-d7c6508731b2
======
Strom
There's no need for theoretical chat history leaks, there's already a
practical one in place. Online WhatsApp backups aren't encrypted with end-to-
end encryption. [1][2] WhatsApp keeps being "helpful" and aggressively
suggests users turn on online chat backup, without mentioning on the same
screen that this means your chat history will be uploaded without end-to-end
encryption. The history is encrypted with a key that is sent to WhatsApp
servers. This is used to provide a passwordless backup restore function even
when you lose your phone. You contact WhatsApp with your mobile number and
WhatsApp sends you back a code that is used to derive the key that was used to
encrypt the backup which was sent to Apple/Google.

All of this makes Zuckerberg's claims that law enforcement can't read the
messages because Facebook can't pretty misleading. Law enforcement could get
the backup from Apple/Google and the key from WhatsApp and have access to the
whole chat history. There are apps already available to help you through this
process. [3]

\--

[1] _Media and messages you back up aren 't protected by WhatsApp end-to-end
encryption while in iCloud._
[https://faq.whatsapp.com/en/iphone/20888066/](https://faq.whatsapp.com/en/iphone/20888066/)

[2] _Media and messages you back up aren 't protected by WhatsApp end-to-end
encryption while in Google Drive._
[https://faq.whatsapp.com/en/android/20887921/](https://faq.whatsapp.com/en/android/20887921/)

[3] _Elcomsoft Explorer for WhatsApp 2.30 can now download and decrypt Android
user’s encrypted WhatsApp communication histories_
[https://blog.elcomsoft.com/2018/01/extract-and-decrypt-
whats...](https://blog.elcomsoft.com/2018/01/extract-and-decrypt-whatsapp-
backups-from-google/)

~~~
yholio
There is another, even more direct route that works regardless of backup
settings: WhatsApp already includes a backdoor that allows it to decrypt all
messages and send them to Facebook servers, conditioned on a single UI
authorization from the user, specifically scanning a QR code on
[https://web.whatsapp.com/](https://web.whatsapp.com/)

Once the terminal is authorized, the backdoor channel is opened in perpetuity
and there is no more interaction with the user, it could happen at any time on
your phone and you have no way of knowing short of complex reverse engineering
of the app or network stream.

And there is absolutely nothing stopping Facebook from inserting code into
WhatsApp to skip the UI prompt when initially setting up the back channel, it
would be a few lines of code. With Google or Apple's collaboration, a
suspect's terminal could be surreptitiously updated to a vulnerable version
that could open the channel, then updated again to the stock version, all in a
matter of minutes, allowing law enforcement perpetual access to the stream of
decrypted data. It's likely NSA has sufficient private key material to
orchestrate something like this without any collaboration.

The (not) news here is that any end-to-end encryption scheme is just a way to
thwart packet sniffing hackers and telcos, and it has no effects on the
providers themselves, you still need to trust their binaries. Open source and
audited open repositories were never more relevant.

~~~
Santosh83
Asking as a layman unfamiliar with security jargon, do you mean to say that if
I ever log in on Whatsapp's web interface, even once, then my Whatsapp app and
the messages are backdoored?

~~~
Rjevski
Technically the key should never leave the web UI (and be discarded once you
close the page); but since they control the domain & what they serve, they
could serve a malicious version of it that silently exfiltrates that key back
to them which they can use later on even after you close the page.

------
StavrosK
I don't understand this argument. "Facebook control the WhatsApp code,
therefore they can do whatever they want, therefore they can read your
messages". I mean, yeah, by that metric, Signal could too, and every other
encrypted messenger. We never relied on "Facebook can't change the code" for
security, so I don't see how this post brings any new information to the
table.

I don't even know why it goes into backup folder details and things, as if
they matter. If Facebook wanted to change the code to read your chats, they
wouldn't have to count on the existence of a specially named folder, they
could just change the code to send the chats to them directly.

~~~
metildaa
Another angle on this is we have no way to know what is changed in each
WhatsApp version. There could be APIs its hitting that leak data, private keys
could be getting exported at the behest of a government, etc

Commoners have no transparency if Facebook is data mining who they talk to,
how often, what type of content and for how long. From the anecdata we have,
we know some of this metadata is being mined (contacts at this point).

~~~
ptx
Are they claiming that contacts are metadata and not data? In that case in
seems those framing the debate in terms of "metadata" have already reached the
second phase:

1) Claim that no data is harvested, only unimportant metadata that you
shouldn't be concerned about, so there is no need to worry!

2) Gradually expand the definition of "metadata" to include all desired data.

~~~
loup-vaillant
I've always understood timing, origin, and destination of a message to be
metadata. I'm on the fence about the size of the message. Only the contents
themselves are definitely data.

Of course, metadata sometimes contains even more information than the data
itself, so framing it as "unimportant" is already incredibly dishonest.

~~~
xt00
I think the open question is how does Facebook make money and justify their
expensive purchase of WhatsApp? It still seems to be an open question years
after the acquisition.. i think it is fair to bring up that if Facebook wanted
to maybe “parse and target” WhatsApp messages they could and also make the
statement that they are encrypted end to end. It does make me chuckle a bit
though that there is some debate about if zuck can be assumed to be forthright
or not.. the frontline episode about Facebook definitely sort of makes you
realize that Facebook and mark zuckerberg at least for a long time thought the
world needed to catch up to their super smarter than everybody thinking and
hey if there are consequences eh that’s the natural course of things..

~~~
crtasm
News from a couple weeks ago was they will start showing adverts in the status
feature.

------
petters
> it would take a good iOS developer just a few days to put in place code in
> both the Facebook and WhatsApp apps that could discretely copy this database
> from one app to the other, via their shared container.

Weird article. If modifying the WhatsApp app is on the table, there are
trivial ways to send decrypted messages elsewhere.

------
sergioj97
I think the encryption thing was more about Facebook not being able to
intercept your messages, read/store them, and remain unnoticed. Of course they
can "still" read your messages as they could rewrite the app in a few subtle
ways to achieve that easily, but that's nothing new.

I guess that if the app starts looking for the chats within the devices, it
would be much easier to spot than it would if the messages were just analyzed
as they went through WhatsApp's servers (so that's what the encryption is
for).

------
plantfbsdff
He is saying data can be access by facebook on your phone since its simply
using keychain to store your message and they have access to that keychain.
They could theoretically send your entire chat history to facebook. End-to-end
encryption does not entail they are not snooping on your phone, just that when
the message is sent, it is encrypted.

------
sarabande
I've never programmed for an app store -- what's the security measure that
ensures the Signal version you install corresponds to some trusted state of
the code base?

~~~
Joeboy
Signal has reproducible builds, which means you can build it from source
yourself and confirm that the result is exactly the same as what you got from
the app store. Obviously not many people actually do that, but it means google
can't start pushing bad versions without a significant risk of getting caught.

------
samblr
Facebook treats our Whatsapp message content just like it's feed.

Here is what happened few weeks ago : I exchanged whatsapp messages with a
well known founder. Lo and behold - news about him and his startup are all
over my facebook feed. Some which was published years ago.

We live in echo chambers.

------
m-p-3
End-to-end encryption like these shouldn't be considered private as long as no
one else than yourself control the private key.

It's not as convenient, but misplacing trust into corporation that has no
interest in your privacy is dangerous.

------
discoball
Common sense says that since FB owns WhatsApp no one should trust it. It's no
different than if China owned WhatsApp. I mean WeChat. Just common sense.

------
sidcool
Title is a bit misleading in my opinion. If you back up your chats to Google
Drive, they obviously won't be E2E encrypted.

------
umairj
I have also noticed seeing ads related to my voice calls and images shared
over WhatsApp. Has anyone else noticed the same?

------
throwaway648
and os companies can install key loggers on your device/machine. and chipset
manufacturers can backdoor the system. and so on.

no piece of hardware or software is safe from evil deeds of people building
them.

------
addedlovely
Messages may be sent encrypted, but I bet they are analysed before being
encrypted. Without an external independent audit I'm not sure I'd trust Zuck.

