For open source messengers, you can check whether they actually encrypt your messages and whether the server has access to your encryption keys but what about WhatsApp? Since it’s not open source, you can’t be sure that the encryption keys aren’t sent to the server, right? Has there been a case where a government was able to access WhatsApp chats without reading them from the phone itself?

  • TheAnonymouseJoker@lemmy.ml
    link
    fedilink
    arrow-up
    14
    arrow-down
    4
    ·
    1 year ago

    No. One-to-one chats are E2EE. However, group chats, if forced by government, can be subpoenaed and monitored by WhatsApp admin team temporarily.

    However, the best way to break encryption is usually a $5 wrench on someone’s head, which is how governments and authorities really do it.

    • cmeerw@programming.dev
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Group chats are also end-to-end encrypted in WhatsApp (so any monitoring would need to be done in cooperation with one of the participants’ devices before encryption or after decryption)

      • TheAnonymouseJoker@lemmy.ml
        link
        fedilink
        arrow-up
        6
        arrow-down
        5
        ·
        1 year ago

        In a subpoena case in India, that turned out to be not true. WhatsApp admins hold keys to being able to do that under law pressure. They only guarantee it for 1-1 messages and statuses, and against “generic” actors for group chats…

        • cmeerw@programming.dev
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          1
          ·
          1 year ago

          In a subpoena case in India, that turned out to be not true.

          Source please.

          WhatsApp admins hold keys to being able to do that under law pressure.

          How do they get the keys?

          They only guarantee it for 1-1 messages and statuses, and against “generic” actors for group chats…

          Who is “they”?

          • Chaotic Entropy
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            1 year ago

            Yeah… I see no reference to this anywhere… some stuff in 2021 about WhatsApp protesting privacy law changes in India and some stuff about the liability of Group Admins for things posted in groups. Nothing about broken encryption measures.

            I can only assume they are referring to WhatsApp Group Admins, who are inherently part of the group, as opposed to WhatsApp company admins.

          • TheAnonymouseJoker@lemmy.ml
            link
            fedilink
            arrow-up
            3
            arrow-down
            5
            ·
            1 year ago

            I read about it long ago, it is a bit more complicated than that. https://haniahshafi.medium.com/are-whatsapp-group-chats-vulnerable-to-spying-despite-end-to-end-encryption-ab0e522fa8d9

            In a subpoena case in India, that turned out to be not true. WhatsApp admins hold keys to being able to do that under law pressure. They only guarantee it for 1-1 messages and statuses, and against “generic” actors for group chats…

            They only guarantee it for 1-1 messages and statuses, and against “generic” actors for group chats…

            Who is “they”?

            May I ask you what is with this passive aggressive attempt at labelling me antisemitic?