top | item 46839987

(no title)

Ex-WhatsApp engineer here. WhatsApp team makes so much effort to make this end to end encrypted messages possible. From the time I worked I know for sure it is not possible to read the encrypted messages.

From business standpoint they don’t have to read these messages, since WhatsApp business API provide the necessary funding for the org as a whole.

discuss

46493168|1 month ago

Facebook has never been satisfied with direct funding. The value is in selling attention and influencing users’ behavior.

neuralkoi|1 month ago

This is why most tech founders who go big never retire, even as billionaires. The power they gain, only the wisest would refuse.

bossyTeacher|1 month ago

> Ex-WhatsApp engineer here. WhatsApp team makes so much effort to make this end to end encrypted messages possible. From the time I worked I know for sure it is not possible to read the encrypted messages.

None of this makes the point you want to make. Being a former engineer. The team making "so much effort". You "knowing for sure". Like many in security, a single hole is all it takes for your privacy to pour out of your metaphorical bag of sand.

dangus|1 month ago

It’s not even “a single hole,” it’s that companies can change their mind at any time.

That person doesn’t work there anymore. For all we know Zuck could wake up one day and say “that’s it, we need the data and revenue from reading WhatsApp chats. Change our policy in the most low key way possible.”

Honestly, it’s too tempting isn’t it? They have the largest conversation network out there.

It doesn’t help that the company has just about zero trust built up among their customers. The whole dang company changed their name arguably to try to shed the “Facebook” baggage.

Taurenking|29 days ago

[deleted]

maqp|1 month ago

Nice! Hey, question: I noticed Signal at one point had same address on Google Play Store as WA. Can you tell us if Signal devs shared office space with WA during integration of the Signal protocol? Related to that, did they hold WA devs' hand during the process, meaning at least at the time it was sort of greenlighted by Moxie or something. If this is stuff under NDA I fully understand but anything you can share I'd love to hear.

xvector|29 days ago

It's public knowledge that Moxie and team helped out https://signal.org/blog/whatsapp-complete/

blindriver|1 month ago

It only takes one engineer in all the teams at Whatsapp that has different directives to make all your privacy work completely useless.

rustyhancock|1 month ago

The legal and liability protection these messaging services get from E2EE is far too big to break it.

Besides I get the feeling we're so cooked these days from marketing that when I get freaked out that an advert is what I was thinking about. It's probably because they made me think about it.

Or maybe I need to update my meds?

philipallstar|1 month ago

Assuming there's no code review or audit, I suppose.

dagmx|1 month ago

How would you hide that? Unless you’re assuming nobody ever has to try and fix bugs or audit code to find it, and there’s some kind of closed off area of code that nobody thinks is suspicious. Or you maintain a complete second set of the app core libs that a few clandestine folks can access, and then hope nobody notices that the binaries don’t line up and crash logs are happening in obscured places.

cactusfrog|1 month ago

I would be surprised if the code was hidden from other people engineers.

yarauuta|1 month ago

So how was Andreas Schjelderup caught sharing minor content?

zatertip|1 month ago

According to Kristeligt Dagblad in Denmark, he was using Snapchat: https://www.kristeligt-dagblad.dk/tidligere-superligaspiller...

mike_d|1 month ago

I have no doubt that that rank and file engineers were not aware of the underlying functionality that allowed for plain text content to be read.

Nobody would ever create a SendPlainTextToZuck() function that had to be called on every message.

It would be as simple as using a built in PRNG for client side key generation and then surreptitiously leaking the initial state (dozens of bytes) once in a nonce signing or something when authenticating with the server.

oofbey|1 month ago

I’ve often thought one of Zuck’s superpowers is in finding ways to get smart and moral people to do truly evil things. Sometimes it’s mind games. Sometimes it’s careful layers of obfuscation.

Here it might be: This analytics package is dynamically loaded at runtime because reasons. This abuse flagging and review system is bundled with analytics because reasons. This add on for reconfiguring how the analytics package behaves at runtime, and has a bunch of switches nobody remembers why they’re here but don’t touch them they’re fragile.

M95D|1 month ago

From what you know about WA, is it possible for the servers to MitM the connection between two clients? Is there a way for a client to independently verify the identity of the other client, such as by comparing keys (is it even possible to view them?), or comparing the contents of data packets sent from one client with the ones received on the other side?

Thanks.

NoahZuniga|1 month ago

No.

Whatsapp uses key transparency. Anyone can check what the current published keys for a user are, and be sure they get the same value as any other user. Specifically, your wa client checks that these keys are the right key.

Whatsapp has a blog post with more details available.

NoImmatureAdHom|1 month ago

The backups are either unencrypted by default or have keys held by Meta / your backup provider. I think this means three-letter agencies can see your chats, just with a slight delay.

Another comment above mentions that you can recover conversation histories with just your phone number--if that's true then yup. The E2EE is all smoke and mirrors.

ewuhic|1 month ago

[deleted]