If you get a new phone and don’t import anything from your existing phone, then messages you receive will be unable to be decrypted. Since WhatsApp uses the Signal encryption protocol, it’s fairly detailed how receiving a message which can’t be decrypted can start an initialization to the sender to retry sending the messages: https://signal.org/docs/specifications/sesame/#retry-requests-and-delivery-receipts
The signal app will prompt you when a contact’s public key is updated, but IIRC, by default Whatsapp will not do this, and it will automatically happen under the hood, which is why it appears like magic.
Thanks. Haven’t used them in like a decade so things seem to have changed. At the time, new phone meant your messages transferred automatically.
At the same time, even if Facebook requires a backup for the messages to show up, as the app is close sourced, how would one know for sure whether the app doesn’t harvest the private key anyway?
With regard to private key, for backups, this relies on the HSM in Apple and Android devices, so the private key is engineered to never be accessible by Facebook. Here’s how they say they use the HSM to encrypt the backups: https://engineering.fb.com/2021/09/10/security/whatsapp-e2ee-backups/
There’s no way to be 100% certain, but if Whatsapp were found to have access to the private keys, it would be huge damaging news, so why would they risk it? Security researchers can watch the traffic going to/from the app and the OS APIs being called, and can see the HSM being invoked. Despite it being closed source, that doesn’t mean it’s less secure and there’s no one verifying the security claims.
Thanks for explaining. It’s interesting and outside metadata there could be a case for data being secure. However, this is the same company that lied and got fined in the EU when they asserted that they wouldn’t be able to link WhatsApp and Facebook identities. This allowed the merger to happen. Security and privacy being something that the average Joe doesn’t care that much, it wouldn’t be too much of a negative impact when they already have so much bad press on other matters. Finally, from an ethical perspective, I’ll give this corp a miss. Values don’t really align with my personal ones even if privacy and security were beyond reproach.
If you get a new phone and don’t import anything from your existing phone, then messages you receive will be unable to be decrypted. Since WhatsApp uses the Signal encryption protocol, it’s fairly detailed how receiving a message which can’t be decrypted can start an initialization to the sender to retry sending the messages: https://signal.org/docs/specifications/sesame/#retry-requests-and-delivery-receipts
The signal app will prompt you when a contact’s public key is updated, but IIRC, by default Whatsapp will not do this, and it will automatically happen under the hood, which is why it appears like magic.
Thanks. Haven’t used them in like a decade so things seem to have changed. At the time, new phone meant your messages transferred automatically.
At the same time, even if Facebook requires a backup for the messages to show up, as the app is close sourced, how would one know for sure whether the app doesn’t harvest the private key anyway?
Sounds like you used Whatsapp pre Signal which happened in 2016: https://signal.org/blog/whatsapp-complete/
With regard to private key, for backups, this relies on the HSM in Apple and Android devices, so the private key is engineered to never be accessible by Facebook. Here’s how they say they use the HSM to encrypt the backups: https://engineering.fb.com/2021/09/10/security/whatsapp-e2ee-backups/
There’s no way to be 100% certain, but if Whatsapp were found to have access to the private keys, it would be huge damaging news, so why would they risk it? Security researchers can watch the traffic going to/from the app and the OS APIs being called, and can see the HSM being invoked. Despite it being closed source, that doesn’t mean it’s less secure and there’s no one verifying the security claims.
Thanks for explaining. It’s interesting and outside metadata there could be a case for data being secure. However, this is the same company that lied and got fined in the EU when they asserted that they wouldn’t be able to link WhatsApp and Facebook identities. This allowed the merger to happen. Security and privacy being something that the average Joe doesn’t care that much, it wouldn’t be too much of a negative impact when they already have so much bad press on other matters. Finally, from an ethical perspective, I’ll give this corp a miss. Values don’t really align with my personal ones even if privacy and security were beyond reproach.