For open source messengers, you can check whether they actually encrypt your messages and whether the server has access to your encryption keys but what about WhatsApp? Since it’s not open source, you can’t be sure that the encryption keys aren’t sent to the server, right? Has there been a case where a government was able to access WhatsApp chats without reading them from the phone itself?

  • cmeerw@programming.dev
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    1
    ·
    1 year ago

    In a subpoena case in India, that turned out to be not true.

    Source please.

    WhatsApp admins hold keys to being able to do that under law pressure.

    How do they get the keys?

    They only guarantee it for 1-1 messages and statuses, and against “generic” actors for group chats…

    Who is “they”?

    • Chaotic Entropy@feddit.uk
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      1 year ago

      Yeah… I see no reference to this anywhere… some stuff in 2021 about WhatsApp protesting privacy law changes in India and some stuff about the liability of Group Admins for things posted in groups. Nothing about broken encryption measures.

      I can only assume they are referring to WhatsApp Group Admins, who are inherently part of the group, as opposed to WhatsApp company admins.