> WhatsApp uses end-to-end encryption, meaning a service provider in the middle can’t read a message.
I wish this meme that "whatsapp is secure because it uses e2e encryption" would die.
Why does it matter if the messages are e2e encrypted if the messages are managed on the two ends of the channel by a closed source binary that does who-knows-what.
The whatsapp app itself sees the clear text message. What it does with that information... or what "metadata" it extracts to send to their servers.. who knows.
Considering how popular WhatsApp is, it's very hard to believe that there are no security researchers reverse-engineering its crypto code.
Because WhatsApp uses end-to-end encryption, any backdoor must necessarily be on the client side, and all client-side code can ultimately be reverse-engineered. This makes such backdoors very tricky to implement.
With that said, while I think a "general backdoor" (one that weakens the crypto algorithms so much that all messages can ultimately be read by Meta) is super unlikely, a "vulnerability" in some image parsing library, designed and implemented by the NSA, and only used on the most interesting targets... now that's a different story.
> any backdoor must necessarily be on the client side
True, but it might be a part of an update that only hits a white-list of users, so you won't find the actual code that steals your private keys if you're on that list.
This is not allowed as far as I know, at least on iOS.
iOS apps aren't allowed to run arbitrary code that hasn't been signed by Apple. What goes in the AppStore is what runs on your device, and apps are physically incapable of writing data to executable memory. Safari / the built-in JavaScript interpreter (and I guess third-party browsers in the EU) are notable exceptions here, as they need JIT.
Sure, Apple could develop special infrastructure to push fake updates to a predesignated list of targets, but at that point, you don't even need collaboration from Meta, and open source apps like Signal are just as vulnerable.
If Apple was willing to go that way, they wouldn't even need to bother with app updates. Ultimately, your messaging history has to be stored on your device in a way that your device can decrypt, and Apple could just steal that info.
I can't speak to what the situation is like on Android, but I presume similar mechanisms exist.
I think the real reason people don't take supply chain endpoint security seriously is that it too quickly regresses to distrust of the OS and hardware. At that point you abandon smartphones entirely.
That's the paranoid answer. The much simpler answer is that you don't maintain the software on it; updates are done silently by whatever the hardware vendor decides passes their muster (or motive).
You should! They are government surveillance devices that broadcast their position at all times along with every bit of data they gather from their array of sensors: gyro, mic, camera, radio
> If the messages are managed on the two ends of the channel by a closed source binary that does who-knows-what.
The meme/trope is that you can't possibly know what such an app does without the source. It just isn't true. There'd be no meaningful phone vulnerability research if it was.
Imagine if they pushed an update of the app out with the vuln to only some users, or users in {country} in their app release configs
"Imagine an arbitrarily powerful adversary operating in arbitrarily narrow, undetectable ways" is not meaningful threat modeling besides being a kind of Universal Goalpost Moving technique. It is not a 'meme' that WhatsApp is e2e encrypted if that's the form and content of your objection. The other thing is still the meme!
> "Imagine an arbitrarily powerful adversary operating in arbitrarily narrow, undetectable ways
Imagine reading the docs. It's a literal thing you can do by pushing code down to the mobile client from your server. We do this all the time for our app. I'm not sure what you're arguing.
> Why does it matter if the messages are e2e encrypted if the messages are managed on the two ends of the channel by a closed source binary that does who-knows-what.
Would you prefer your dissident messages be read by Meta Corporation or the Islamic Republic of Iran? That's the difference.
No, there's no technical difference in the sense that neither solution can be verified to be probably secure vs. third party inspection. But in the real world the specifics of who the actors are and the tactics they are known to employ are absolutely part of the threat model.
That's not responsive, though. The point is there are actual human beings in a war zone under a repressive regime making decisions about software. And they aren't interested in your abstract idea about "corpos" being "pressured". They want not to be snatched by the secret police. Please.
Can you cite the specific instance of Meta (or whoever) receiving pressure that led to an extrajudicial arrest (or whatever)? Or at least the specifics of the sharing that would enable it? Because if you're not talking about specifics your point is "abstract" by definition.
Repression in Iran is real, not abstract. It happens, the state wants to monitor internet use to enable it, and the linked article is very specific about them wanting to disallow Meta's product.