For open source messengers, you can check whether they actually encrypt your messages and whether the server has access to your encryption keys but what about WhatsApp? Since it’s not open source, you can’t be sure that the encryption keys aren’t sent to the server, right? Has there been a case where a government was able to access WhatsApp chats without reading them from the phone itself?

    • cmeerw@programming.dev
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Group chats are also end-to-end encrypted in WhatsApp (so any monitoring would need to be done in cooperation with one of the participants’ devices before encryption or after decryption)

        • cmeerw@programming.dev
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          1
          ·
          1 year ago

          In a subpoena case in India, that turned out to be not true.

          Source please.

          WhatsApp admins hold keys to being able to do that under law pressure.

          How do they get the keys?

          They only guarantee it for 1-1 messages and statuses, and against “generic” actors for group chats…

          Who is “they”?

          • Chaotic Entropy@feddit.uk
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            1 year ago

            Yeah… I see no reference to this anywhere… some stuff in 2021 about WhatsApp protesting privacy law changes in India and some stuff about the liability of Group Admins for things posted in groups. Nothing about broken encryption measures.

            I can only assume they are referring to WhatsApp Group Admins, who are inherently part of the group, as opposed to WhatsApp company admins.