undefined | Better HN

0 pointsmattcoles9y ago0 comments

As I mentioned in my comment, any exploit that can only be performed by the server is essentially irrelevant as we already can't have perfect trust in the server.

edit: I'll respond to everyone as I worded this poorly. What I mean is that an attack that can only be performed by Facebook/WhatsApp(depending on if you believe they are kept separate) is mostly irrelevant as they could always push an update to the App/Play Store that sent all the decrypted messages to their servers anyway and we'd be none the wiser as it's all closed source. So why would they choose to use the vulnerability when this is fair simpler and could access far more messages with the update?

I'll concede that it's worrying if their server somehow became compromised but I'm seeing that as being highly unlikely.

0 comments

wirelessest9y ago

I thought that was the whole point of end-to-end. That you don't need trust in the server because the messages are opaque. If this is an exploit that can be performed by a compromised server, it's very much relevant

FabHK9y ago

So, just to clarify my understanding:

Basically, what we have here is a weakness in the client, namely a provision that allows the server to send the client a fresh key and ask for re-encryption and re-sending with the new key. This, in turn, would allow for a good old MITM attack if the server were to be compromised.

This re-encryption and re-sending of messages would be without intervention by the user, though a message "new key" would be displayed to the user provided they had chosen the option to display such notifications (which are disabled by default).

What's unclear to me is whether only messages that have not yet been delivered would be affected, or all.

reitanqild9y ago

> if the server were to be compromised.

IMO they have been since they joined Facebook.

1 more reply

yclept9y ago

Aren't all messages undelivered, until they are?

1 more reply

Jarwain9y ago

Is the server sending the client a new key to use? Or is the server telling the client to generate a new key?

dromen9y ago

We can't have perfect trust in the server, so this feature being supported by the client breaks the security guarantees of WhatsApp's E2E encryption.

FabHK9y ago

Nicely put.

j / k navigate · click thread line to collapse

0 comments

wirelessest9y ago

FabHK9y ago

So, just to clarify my understanding:

What's unclear to me is whether only messages that have not yet been delivered would be affected, or all.

reitanqild9y ago

> if the server were to be compromised.

IMO they have been since they joined Facebook.

1 more reply

yclept9y ago

Aren't all messages undelivered, until they are?

1 more reply

Jarwain9y ago

Is the server sending the client a new key to use? Or is the server telling the client to generate a new key?

dromen9y ago

We can't have perfect trust in the server, so this feature being supported by the client breaks the security guarantees of WhatsApp's E2E encryption.

FabHK9y ago

Nicely put.

j / k navigate · click thread line to collapse