If parties A & B both use WhatsApp with the idea being that the app shouldn’t be able to determine the details of the conversation, how does E2EE prevent this?
My understanding is that it really doesn’t matter if E2EE is supported by the app in such cases. Since the app has access to both parties’ devices, it doesn’t have to read/intercept messages in transit if it can just access on device conversation thread for both, or all parties involved. Am I wrong?
In: 5
That’s a very good point. You do have to trust the local app. It could totally take your messages and send them to the app company if it wanted to.
Luckily independent security researchers watch for stuff like that in lots of apps these days. Watch all the traffic coming from the app and see if it’s doing something shady. It would be catastrophic to any supposedly E2EE service to get caught doing that so they have an incentive not to
However ultimately you can’t trust that a closed source app isn’t going to find a way to do it (store messages and opportunistically send via Bluetooth to a clandestine collection hotspot stationed in your city?). You work with open source stuff and you can be much more sure your data isn’t being messed with
Latest Answers