• CaptainSpaceman@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        11 months ago

        Moxie helped WhatsApp integrate the Signal protocol for e2ee, but I dont trust thatt they never implemented any backdoors in their protocol after Moxie was done helping them.

        IMO, just use Signal anyways. Fuck Meta

          • tsonfeir@lemm.ee
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            1
            ·
            11 months ago

            Do you believe everything you hear a company say who has proven themselves to be untrustworthy?

            End to end doesn’t necessarily mean that the middle can’t read it, it just means strangers listening can’t read it. WhatsApp isn’t open source, and auditing that encryption on a binary level would prove difficult.

            As we have seen, companies can also bow to the wills of governments, and if enough pressure is applied they often agree to backdoors.

            If it’s not open source, it’s a scam.

            • Kusimulkku@lemm.ee
              link
              fedilink
              English
              arrow-up
              1
              ·
              11 months ago

              End to end doesn’t necessarily mean that the middle can’t read it, it just means strangers listening can’t read it.

              I thought it meant nobody between the two ends can read it.

              • tsonfeir@lemm.ee
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                11 months ago

                End->(public network)->WhatsApp->(public network)->End

                So, no stranger can read it.

                The key word is stranger. WhatsApp made the encryption you’re using and could (and I’m sure does) have the ability to decrypt it.

                True end to end is where you and your partner have keys and you both encrypt on the client side, and don’t tell the middle man. That way no malicious intent from the server could ever decrypt the actual message.

                • Kusimulkku@lemm.ee
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  1
                  ·
                  11 months ago

                  True end to end is where you and your partner have keys and you both encrypt on the client side, and don’t tell the middle man. That way no malicious intent from the server could ever decrypt the actual message.

                  That’s how the Signal protocol they’re using is working