For open source messengers, you can check whether they actually encrypt your messages and whether the server has access to your encryption keys but what about WhatsApp? Since it’s not open source, you can’t be sure that the encryption keys aren’t sent to the server, right? Has there been a case where a government was able to access WhatsApp chats without reading them from the phone itself?

  • cmeerw@programming.dev
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Group chats are also end-to-end encrypted in WhatsApp (so any monitoring would need to be done in cooperation with one of the participants’ devices before encryption or after decryption)

      • cmeerw@programming.dev
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        In a subpoena case in India, that turned out to be not true.

        Source please.

        WhatsApp admins hold keys to being able to do that under law pressure.

        How do they get the keys?

        They only guarantee it for 1-1 messages and statuses, and against “generic” actors for group chats…

        Who is “they”?

        • Chaotic Entropy@feddit.uk
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          1 year ago

          Yeah… I see no reference to this anywhere… some stuff in 2021 about WhatsApp protesting privacy law changes in India and some stuff about the liability of Group Admins for things posted in groups. Nothing about broken encryption measures.

          I can only assume they are referring to WhatsApp Group Admins, who are inherently part of the group, as opposed to WhatsApp company admins.