But the key exchange is not the issue then.
Access to private keys is.
If the host system, on which the key exchange runs, is compromised, you’re toast.
Where’s the private key? I can get a new phone, log with WhatsApp and download all the historical messages without intruducing any additional password or key.
@Railcar8095@zergtoshi actually is not my exlerience with whatsapp, since I have the backups disable, everytime I change phones I lost all my conversations. But since whatsapp is closed source, the app can indeed use encryption to comunicate p2p, but I will allways assume that the key is logged by meta, “just in case”
You can have the soundest encryption in the world but if they have access to the keys it doesn’t matter, they can see everything.
But the key exchange is not the issue then.
Access to private keys is.
If the host system, on which the key exchange runs, is compromised, you’re toast.
Where’s the private key? I can get a new phone, log with WhatsApp and download all the historical messages without intruducing any additional password or key.
I assume they have all the required data too.
@Railcar8095 @zergtoshi actually is not my exlerience with whatsapp, since I have the backups disable, everytime I change phones I lost all my conversations. But since whatsapp is closed source, the app can indeed use encryption to comunicate p2p, but I will allways assume that the key is logged by meta, “just in case”
Sounds like a compromised phone in the sense that it doesn’t protect (and instead transmit) the private key.
That’s not the phones fault, but how WhatsApp works