this post was submitted on 30 Apr 2026
744 points (98.9% liked)

Technology

84256 readers
3324 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
744
A federal agent said WhatsApp's encryption is a lie. Then the investigation was shut down (www.techspot.com)
submitted 1 day ago by throws_lemy@reddthat.com to c/technology@lemmy.world
86 comments fedilink hide all child comments
 

A 10-month Commerce Department probe concluded Meta could view all WhatsApp messages in unencrypted form

you are viewing a single comment's thread
view the rest of the comments
[–] zergtoshi@lemmy.world -2 points 1 day ago (2 children)

They can log anything they want and have nothing useful, if the encryption protocol is sound.
Have a look at how TLS is designed, if you want to know more.

[–] Treczoks@lemmy.world 11 points 23 hours ago

I know my way around cryptography, therefor I am skeptical. If push comes to shove, they can simply command the Whatsapp App to silently surrender the keys. Nobody would know, it is a closed source app and protocol, and they can hide what they are doing inside the (probably) TLS encrypted stream.

[–] dependencyinjection@discuss.tchncs.de 15 points 1 day ago (1 children)

You can have the soundest encryption in the world but if they have access to the keys it doesn’t matter, they can see everything.

[–] zergtoshi@lemmy.world 6 points 1 day ago (1 children)

But the key exchange is not the issue then.
Access to private keys is.
If the host system, on which the key exchange runs, is compromised, you're toast.

[–] Railcar8095@lemmy.world 7 points 1 day ago (2 children)

Where's the private key? I can get a new phone, log with WhatsApp and download all the historical messages without intruducing any additional password or key.

I assume they have all the required data too.

[–] MalMen@masto.pt 2 points 1 day ago

@Railcar8095 @zergtoshi actually is not my exlerience with whatsapp, since I have the backups disable, everytime I change phones I lost all my conversations. But since whatsapp is closed source, the app can indeed use encryption to comunicate p2p, but I will allways assume that the key is logged by meta, "just in case"

[–] zergtoshi@lemmy.world 1 points 1 day ago (1 children)

Sounds like a compromised phone in the sense that it doesn't protect (and instead transmit) the private key.

[–] Railcar8095@lemmy.world 5 points 1 day ago (1 children)

That's not the phones fault, but how WhatsApp works

[–] zergtoshi@lemmy.world -2 points 22 hours ago (2 children)

How is a phone not compromised if it hosts apps that play into the hands of evil actors?

[–] WhyJiffie@sh.itjust.works 1 points 18 hours ago

it is not, unless the app can exfiltrate data from other apps

[–] Railcar8095@lemmy.world 0 points 20 hours ago

I undersrstand my threat model and how to limit exposure.