• tsonfeir@lemm.ee
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    1 year ago

    Do you believe everything you hear a company say who has proven themselves to be untrustworthy?

    End to end doesn’t necessarily mean that the middle can’t read it, it just means strangers listening can’t read it. WhatsApp isn’t open source, and auditing that encryption on a binary level would prove difficult.

    As we have seen, companies can also bow to the wills of governments, and if enough pressure is applied they often agree to backdoors.

    If it’s not open source, it’s a scam.

    • Kusimulkku@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      End to end doesn’t necessarily mean that the middle can’t read it, it just means strangers listening can’t read it.

      I thought it meant nobody between the two ends can read it.

      • tsonfeir@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        End->(public network)->WhatsApp->(public network)->End

        So, no stranger can read it.

        The key word is stranger. WhatsApp made the encryption you’re using and could (and I’m sure does) have the ability to decrypt it.

        True end to end is where you and your partner have keys and you both encrypt on the client side, and don’t tell the middle man. That way no malicious intent from the server could ever decrypt the actual message.

        • Kusimulkku@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          1 year ago

          True end to end is where you and your partner have keys and you both encrypt on the client side, and don’t tell the middle man. That way no malicious intent from the server could ever decrypt the actual message.

          That’s how the Signal protocol they’re using is working

                • Kusimulkku@lemm.ee
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  You seem confused. E2EE doesn’t mean peer-to-peer. Signal protocol isn’t peer-to-peer. You don’t need to be peer-to-peer to have secure communication because E2EE makes it so that the server can’t read what the two ends are writing.

                  • tsonfeir@lemm.ee
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    1 year ago

                    Can you prove to me that WhatsApp actually encrypts the message on the phone in such a way that WhatsApp can’t see the message when it’s on their server?

                    Do you truly believe a company owned by Meta would provide that kind of security from THEM? A company whose income is profiting on DATA supplied by users?

                    Tell me you believe this.