This is offset by two-factor authentication: PIN-based or email-based. If you want extra security, then encrypt your device and two-factor your phone-number-based messenger.
If this is true, it's really sad. WhatsApp penetration is so high around me that not using it is... very impractical. I do use other channels with some friends, but I don't think people will adopt other channels any time soon.
Turn on the setting to warn you when the other party's encryption key changes and go about your business. This is non-news unless you have unusually good cause to worry about targeted attacks.
Why are crypto geeks always so black and white? Is there really only "perfect" or "useless" with nothing in-between?
Notably, a noted goal of WhatsApp encryption was to stop mass surveillance. I'm no expert, but I don't see how these objections make mass surveillance of messages remotely as easy as it was when WhatsApp was entirely unencrypted.
This is a great example of security nihilism. "This tool can't protect against every possible attack from every possible adversary, therefore it is useless."
Building safe, secure products at scale for real populations is a process of balancing multiple equities and addressing the most pressing and realistic threat scenarios. This always means building security protections that have theoretical failure modes. The real art is in trying to make those failures as graceful as possible while educating your huge, diverse set of users on the security properties of the product and in what situations they can rely upon it.
Doing this well is still something the entire industry needs to work on, but giving it a shot and building practical protections for real people is always a better option than throwing up your hands and giving up.
I agree. Every encryption can be cracked given either infinite resources or time. The goal of encryption is to make it (much) harder to eavesdrop on communications, often to a point that it's not feasible to do so anymore. Even if SS7 can be exploited in such a way that actually breaks encryption, it adds layers and layers of complexity that make large-scale spying hard or nearly impossible. These kinds of attacks require an individual approach, which is harder than, for example, logging all plaintext traffic.
> Is there really only "perfect" or "useless" with nothing in-between?
Are you suggesting that the ability to completely circumvent a system doesn't make that system broken?
If the goal of WhatsApp encryption is to protect against surveillance, and there's a way to surveil users using WhatsApp, then it's broken, full stop. Are you going to place your trust in a home security system that works pretty well, but only against unskilled burglars? Or what about an authentication system to a server holding sensitive customer information? Or your banking information? Or information that might put your life at risk as a dissident in a repressive state?
> Are you suggesting that the ability to completely circumvent a system doesn't make that system broken?
A system can be broken without being useless.
> If the goal of WhatsApp encryption is to protect against surveillance
You skipped an important word from the post you replied to: "mass". Even with a hole in SS7, it makes it impractical to collect messages from everyone, even if it's practical to collect messages from specific targets.
> But not useful for the purpose of protecting users against surveillance.
I'd argue that it can be useful for that purpose without being perfect. If it stops my communication from being caught in a mass dragnet, then it's useful for protecting me against surveillance even when it's possible to circumvent the security on the scale of individuals (rather than populations).
> skrebbel made a blanket statement, which I was replying to.
Right, they did. They made the statement that even flawed security makes mass surveillance much more difficult than an unencrypted system would (or words to that effect). It seems like "stop mass-scale surveillance" is a separate goal from "stop individual-scale surveillance". I feel like you set up a strawman, rather than actually addressing what skrebbel originally said.
> It seems like "stop mass-scale surveillance" is a separate goal from "stop individual-scale surveillance". I feel like you set up a strawman, rather than actually addressing what skrebbel originally said.
My point was that security is often black-and-white because a crack can turn out to be a crater, and often is.
With regard to state-sponsored, dragnet surveillance: those are the most skilled attackers, and they've exploited far more subtle issues than the one being discussed here; they're the ones that you need to be worried about for undisclosed vulnerabilities, let alone terribly obvious flaws like this one.
Yes, to all your questions except the last one. That's the whole point. If I intend to overthrow president Trump, I won't use WhatsApp. Most other purposes, seems pretty fine now.
I'm sorry, but I don't understand. You are okay with a provably vulnerable system protecting some of life's most important assets.
Could you elaborate?
> That's the whole point. If I intend to overthrow president Trump, I won't use WhatsApp.
You made a blanket statement about the integrity of purportedly secure systems. These exact arguments can apply just as well to other systems, like Tor, or SSH, or HTTP over TLS.
They tend to be black and white b/c, unlike most other areas of engineering, a flaw of any severity in a crypto system can lead to its total compromise. Those systems are also subject to active opposition, and breaches tend to be both catastrophic and not known till after the damage is done.
By way of comparison, when Boeing builds a jumbo jet, its "threat model" is gravity and drag and other laws of nature, and if the in-flight entertainment system breaks they don't have to worry about the plane falling out of the sky.
Also compare to the "move fast, break things" web/app dev community for even more stark contrast.
Those differences tend to lead to crypto folks being more black and white on average.
In the case of WhatsApp, your data is only on your device and, optionally, in iCloud. So even if an attacker is able to take over your WhatsApp account, your existing data is still private unless the attacker can obtain your device password (and your device) or your iCloud password.
Flagged for misleading headline; if keys are verified, WhatsApp is secure against this attack. If you don't have out-of-band comms or a pre-shared key, MITM attacks are provably impossible to prevent.
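Added example, not part of any comment in the thread and not WhatsApp's code: a simplified trust-on-first-use key store showing the two defenses commenters mention, a warning when a contact's identity key changes and out-of-band fingerprint verification. The fingerprint format, the `PinStore` class and the sample keys are constructed for illustration.

```python
import hashlib
import hmac


def fingerprint(key_a: bytes, key_b: bytes) -> str:
    """Order-independent digest of both identity keys, as readable digit groups."""
    digest = hashlib.sha256(b"".join(sorted((key_a, key_b)))).digest()
    digits = f"{int.from_bytes(digest[:10], 'big') % 10**20:020d}"
    return " ".join(digits[i:i + 5] for i in range(0, 20, 5))


class PinStore:
    """Trust-on-first-use store of contacts' public identity keys."""

    def __init__(self, own_key: bytes):
        self.own_key = own_key
        self.pins = {}  # contact -> (identity key, verified out of band?)

    def observe(self, contact: str, key: bytes) -> str:
        pinned = self.pins.get(contact)
        if pinned is None:
            self.pins[contact] = (key, False)
            return "first-use"
        if hmac.compare_digest(pinned[0], key):
            return "verified" if pinned[1] else "unverified"
        # New phone, reinstall, or someone else registered the number:
        # drop the verified flag and surface a warning to the user.
        self.pins[contact] = (key, False)
        return "key-changed"

    def verify(self, contact: str, read_aloud: str) -> bool:
        """Compare our computed fingerprint with the one the contact read to us."""
        key, _ = self.pins[contact]
        ok = hmac.compare_digest(fingerprint(self.own_key, key), read_aloud)
        self.pins[contact] = (key, ok)
        return ok


def demo():
    # Constructed stand-ins for public identity keys.
    alice, bob, intruder = (hashlib.sha256(n).digest() for n in (b"alice", b"bob", b"intruder"))
    bobs_view = fingerprint(bob, alice)  # what the real Bob reads out in person
    store = PinStore(alice)
    return [
        store.observe("bob", bob),       # first contact, key pinned
        store.verify("bob", bobs_view),  # in-person check succeeds
        store.observe("bob", bob),       # same key, still verified
        store.observe("bob", intruder),  # number re-registered elsewhere
        store.verify("bob", bobs_view),  # real Bob's fingerprint no longer matches
    ]
```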