
If the end-to-end encryption is working as designed then "a big fat pipe into the WhatsApp data-center" would be of no help.

For high enough value targets the NSA is probably happy to compromise the endpoints.




True, I don't know what I was thinking when I wrote that.

I guess the recent case with the FBI and the iPhone shows what will happen if they want messages badly enough.


Can't it be e2e encryption with WhatsApp keeping a copy of the private keys? Or does e2e enc implicitly mean the private keys are never exchanged?


WhatsApp wouldn't keep the private keys. That being said, this system could still be hacked - when the clients exchange public keys, you insert yourself in the middle, provide your own public keys to each client, and mediate between the two clients, which gives you access to the unencrypted messages.


That only works in transport if the connection is not pinned. I don't know if they do pin, but they should.

If they pin then the NSA would have to actually have access to the data center and doing that much without getting noticed is quite hard.


True, but I bet that the NSA could force WhatsApp to issue certificates for fake keys. Obviously can't do that without being noticed, but they could still use it to spy on specific users if they wanted.


With end to end encryption the private keys are generated on the endpoint, there's no need for them to ever leave it.
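The points made in this thread (private keys generated on the endpoint, a relay that swaps public keys during the exchange) can be seen in a small simulation. This is an added example, not code from any commenter or from WhatsApp; the toy Diffie-Hellman group, the function names, and the fingerprint comparison as a detection check are all assumptions made for illustration.

```python
import hashlib
import secrets

# Toy Diffie-Hellman group, constructed for illustration only
# (127-bit Mersenne prime; far too small for real use).
P = 2**127 - 1
G = 3

def keypair():
    """Generate a private key on the endpoint; only the public half is sent."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def shared_key(my_priv, their_pub):
    """Derive the message key from my private key and the peer's public key."""
    secret = pow(their_pub, my_priv, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()

def fingerprint(pub_a, pub_b):
    """Short code two users can compare out of band; covers both public keys."""
    ordered = sorted([pub_a, pub_b])
    data = b"".join(k.to_bytes(16, "big") for k in ordered)
    return hashlib.sha256(data).hexdigest()[:16]

def run_exchange(server_substitutes):
    """Return (alice_fp, bob_fp, server_can_derive_alice_key)."""
    a_priv, a_pub = keypair()   # never leaves Alice's device
    b_priv, b_pub = keypair()   # never leaves Bob's device
    s_priv, s_pub = keypair()   # key pair held by the relaying server

    # The server relays public keys, either honestly or swapped for its own.
    pub_seen_by_alice = s_pub if server_substitutes else b_pub
    pub_seen_by_bob = s_pub if server_substitutes else a_pub

    alice_key = shared_key(a_priv, pub_seen_by_alice)
    # The server only has its own private key plus the public keys it relayed.
    server_key = shared_key(s_priv, a_pub)

    alice_fp = fingerprint(a_pub, pub_seen_by_alice)
    bob_fp = fingerprint(b_pub, pub_seen_by_bob)
    return alice_fp, bob_fp, server_key == alice_key

if __name__ == "__main__":
    for swapped in (False, True):
        fp_a, fp_b, readable = run_exchange(swapped)
        print(f"substituted={swapped} fingerprints_match={fp_a == fp_b} "
              f"server_can_read={readable}")
```

With an honest relay the two fingerprints agree and the server cannot derive the message key; with substituted keys the server can, and the mismatch between the fingerprints is what the users would notice.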



