Hacker Neue

Preferences
upofadown parent
>If WhatsApp decides to MITM your chats, it can't do so retroactively due to the properties of the protocol.

Can't they just set you up as a new device? The user wouldn't know if they left the notification at the default setting.

Whatsapp would not MITM ever single user. They would carefully target particular individuals.

palata
Well it's difficult for WhatsApp because it's closed source, so they can do whatever they want.

But let's assume the client app was open source, and WhatsApp decided to reset the key for some targeted users. Most users wouldn't realize, but if one did, then that would be very bad for WhatsApp. It would be all over the media. That's why it cannot be done at scale.

That's why it cannot be done at scale with Signal, too. Even if the users mostly ignore the "new key exchange" notification. If Signal MITM conversations and one person manages to prove it, then Signal is done. That's a pretty strong incentive for them not to do it.

kitkat_new
I think they could do literally anything, because it is closed source; including forging random keys or ignoring the notification setting, ...

This item has no comments currently.

Keyboard Shortcuts

Story Lists

j
Next story
k
Previous story
Shift+j
Last story
Shift+k
First story
o Enter
Go to story URL
c
Go to comments
u
Go to author

Navigation

Shift+t
Go to top stories
Shift+n
Go to new stories
Shift+b
Go to best stories
Shift+a
Go to Ask HN
Shift+s
Go to Show HN

Miscellaneous

?
Show this modal