Stories
Slash Boxes
Comments

SoylentNews is people

WhatsApp Encrypts End-to-End in Latest Version

posted by cmn32480 on Tuesday April 05 2016, @11:17PM   Printer-friendly
from the what-about-beginning-to-beginning dept.

Max Hyre writes:

The title pretty much says it all. According to the report:

the service will encrypt all messages, phone calls, photos, and videos moving among [the devices].

Moxie Marlinspike is involved, so they have a chance of getting it right, and no one, even WhatsApp, will be able to know what you”re saying, texting, viewing, &c. (Unless, of course, your widget is running malware, or the opposition can get their mitts on it.)-: They claim this is available on nearly a billion devices—this is a really big deal.

takyon: Alternate links with no Wired paywall: TechCrunch, Washington Post, CNET, Reuters.

Original Submission

 
This discussion has been archived. No new comments can be posted.
WhatsApp Encrypts End-to-End in Latest Version | Log In/Create an Account | Top | 52 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1) by Francis on Tuesday April 05 2016, @11:56PM

    by Francis (5544) on Tuesday April 05 2016, @11:56PM (#327859)

    Depends how it's set up. They could set it up so that they don't have access to the device specific keys, such as via public key cryptography. In which case, it doesn't matter what letters they get, they wouldn't have the ability to break in there and can't be legally compelled to do so.

  • (Score: 0) by Anonymous Coward on Wednesday April 06 2016, @01:13AM

    by Anonymous Coward on Wednesday April 06 2016, @01:13AM (#327881)

    "Deploy a software update to this device's IP address that sends us a copy of the password and backdoors further encryption"

    • (Score: 1) by Francis on Wednesday April 06 2016, @02:42AM

      by Francis (5544) on Wednesday April 06 2016, @02:42AM (#327904)

      Google doesn't permit 3rd party updates. The only updates they can make are through play. I believe that Apple has similar rules.

      So, unless you're sideloading the app, they can't do that. Also, they can only access data that's stored at that time, not necessarily anything that you've been talking about previously.

      • (Score: 2) by frojack on Wednesday April 06 2016, @05:10AM

        by frojack (1554) Subscriber Badge on Wednesday April 06 2016, @05:10AM (#327931) Journal

        There is another hole to consider.

        Both Apple and Google have backup of settings you've made on your device. Maybe Windows phone too for all I know.
        They back up various app data. https://support.google.com/nexus/answer/2819582?hl=en [google.com]

        So if someone could get to your google account, they could attempt to get at that data, and probably get keys to a lot of castles.

        I've had one app issue an update just to turn off backup of its settings as that google backup represented a security risk.

        --
        No, you are mistaken. I've always had this sig.

      • (Score: 0) by Anonymous Coward on Wednesday April 06 2016, @10:41AM

        by Anonymous Coward on Wednesday April 06 2016, @10:41AM (#327998)

        "Deploy a software update that sends us a copy of the password and backdoors further encryption for this device"

  • (Score: 2) by bitstream on Wednesday April 06 2016, @02:53PM

    by bitstream (6144) on Wednesday April 06 2016, @02:53PM (#328081) Journal

    How would you know it actually does what it says?