Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You can go decompose the binary and check (or monitor network activity). WhatsApp has been audited for implementing E2E encryption and consistently passed.


E2E encryption does not protect against any of this. Whatsapp can still decrypt messages locally and feed back information to meta.


TBF, no-one's as-yet found a Meta binary doing this.


you mean things like having a localhost server running on android service to bypass tracking restrictions and run all of your stuff illegally?


Well, yes, they have been found to bypass tracking restrictions, most recently using Local Mess (https://localmess.github.io/), but they haven't been found exfiltrating WhatsApp private keys or messages in plaintext. And people are looking for this specifically.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: