Keeping Tabs on WhatsApp’s Encryption

Whatsapp has a huge share in this country, and mostly out of necessity, I use it on a daily basis. Which makes this study by the Heise security team in Germany all the more interesting. They MITM’ed a Whatsapp connection and concluded that indeed TextSecure’s end-to-end encryption was being used, as promised. But only on Android devices, not iOS devices. No word on the web interface. Can we all get on Telegram already?

“This seems to be the core problem with WhatsApp’s end-to-end encryption: You never really know if it is actually being used. Neither when sending nor when receiving messages with the official WhatsApp client is there any indication if E2E encryption is in place. Our lab tests only show that messages are encrypted in principle but that is not enough for dependable use in the real world. Even heavier weighs the fact that, as far as we know, WhatsApp has never committed to guarantee its users E2E encryption. E2E encryption with WhatsApp therefore remains a token effort.”

Read More

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s