Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Communications Encryption Facebook Privacy

WhatsApp To Offer End-to-End Encryption 93

L-One-L-One (173461) writes In a surprise move, nine months after being bought by Facebook, WhatsApp has begun rolling out end-to-end encryption for its users. With true end-to-end encryption data becomes unaccessible to admins of WhatsApp or law enforcement authorities. This new feature first proposed on Android only has been developed in cooperation with Open Whisper Systems, based on TextSecure. With hundreds of million users, WhatsApp becomes by far the largest secure messaging application. FBI Director James Comey might not be pleased. Do you have a current favorite for encrypted online chat?
This discussion has been archived. No new comments can be posted.

WhatsApp To Offer End-to-End Encryption

Comments Filter:
  • Comment removed based on user account deletion
    • by Aqualung812 ( 959532 ) on Thursday November 20, 2014 @09:36AM (#48425545)

      What root console? If it is really END TO END, then WhatsApp can't see the data either.

      • by arth1 ( 260657 )

        If it is really END TO END, then WhatsApp can't see the data either.

        True, but anyone sniffing the traffic can, if they have access to a decryption key. Not that we know of anyone who would possibly do that...

        In my view, this encryption is not to be trusted unless and until it can accept keys that are generated outside the WhatsApp product. Otherwise, how much would you want to bet that the three letter agencies aren't getting a master key under a hush order?

        • Comment removed based on user account deletion
          • by Teckla ( 630646 )

            Yeah, pretty much. The power of subpoena to acquire those keys would be trivial.

            I think that's one of the problems Perfect Forward Secrecy is supposed to solve. If I understand it correctly, upon connection, the two connecting systems that support PFS generate brand new and ephemeral public/private key pairs for bootstrapping the encrypted connection.

            Since those keys are ephemeral, even if some entity collected all the data between the two connecting systems, it would never be able to decrypt that data, even with subpoena in hand: those keys are long gone, as they only existed for a f

        • Not just generated externally, but a way to confirm the private key is *NOT* sent to anyone.

        • by Anonymous Coward

          If it is really END TO END, then WhatsApp can't see the data either.

          True, but anyone sniffing the traffic can, if they have access to a decryption key. Not that we know of anyone who would possibly do that...

          In my view, this encryption is not to be trusted unless and until it can accept keys that are generated outside the WhatsApp product. Otherwise, how much would you want to bet that the three letter agencies aren't getting a master key under a hush order?

          Facebook is the largest HUMINT database on the planet.

          And they own WhatsApp.

          On top of all that, they are a corporation within the United States.

          Just curious what level of ignorance we have to walk around with here to assume they don't have the decryption key, and haven't had it since day zero.

          How many more Snowdens need to come along to paint that picture any clearer?

          Fuckety fuck fuck already.

        • would they even need that? vs decompiling the APK?

        • While WhatsApp does have a security hole. Using WhatsApp is more secure than using no encryption.

          • While WhatsApp does have a security hole. Using WhatsApp is more secure than using no encryption.

            This seems to be most reasonable of the responses so far.

            EFF has mentioned that when the end-to-end encryption is implemented, and then IF it passes their tests, they will update their Secure Messaging Scorecard [eff.org] for it. Right now its score is rather dismal: 2 of 7.

            Currently there are only a few text messaging apps that get full points: TextSecure, Silent Text, OTR (Windows), CryptoCat, and something called ChatSecure which I had not heard of before.

            Some people objected to CryptoCat being awarded al

      • by Pi1grim ( 1956208 ) on Thursday November 20, 2014 @09:44AM (#48425601)

        The problem with WhatsApp is that it is closed-source, so you can't really check. You'll have to take their word for it. Also, they facilitate key exchange, so the whole "end-to-end" stuff is actually moot, since user is taken out of the loop and server can, at any time re-negotiate the keys and verify that MITM as a person A, that person B is trying to get in contact with. So it's all, once again, a lot of buzzwords, and zero security.

        • Comment removed based on user account deletion
        • it's all, once again, a lot of buzzwords, and zero security.

          That's a bit unfair. Yes, any security system that tries to be entirely transparent cannot really be end to end secure, but nobody has ever built a mainstream, successful deployment of end to end encryption that lets you use a service even if you don't trust it. There are many difficult problems to solve here. Forward secure end to end encryption behind the scenes is clearly an important stepping stone, and OWS has said they will expose things like

      • What root console? If it is really END TO END, then WhatsApp can't see the data either.

        You assume that they either competently implemented encryption, or didn't maliciously leave themselves a back door for tracking and commercial purposes, or weren't secretly told by some three letter agency that if they didn't leave a backdoor they'd be in trouble.

        Given that it's owned by Facebook, I'm not willing to attribute either competence or good intentions to anything they do.

        At this point, I assume Zuckerfuck is a

      • by znrt ( 2424692 )

        What root console? If it is really END TO END, then WhatsApp can't see the data either.

        and you verify that it is actually clean and secure end to end encryption on a device like a smartphone (take your pick) ... how?

        oh, i'm supposed to trust a random app running on a platform with (or entirely consisting of) proprietary closed software and hardware. har! har!

    • Furthermore, you can bet the FBI and NSA are going to figure out a way to bruteforce the encryption anyhow.
      • by arth1 ( 260657 )

        This is the same company that lied about the capabilities of its photo app, as well as stored the photos insecurely.

        Why would they have to? All they need to do is present Whatsapp with a hush order to hand over keys.
        When Whatsapp generates and maintains the keys, there's no real security here.
        I even think it's not unlikely that they have implemented this in cooperation with the three letter agencies, in order to lure people into thinking it is safe. And the great unwashed masses will be fooled, as always.

  • I know next to nothing about whatsapp but from what wikipedia says, it's basically a bypass for texting and media-data sending fees for cell phone companies. Every one I've ever heard of has been banned by Apple at least and sometimes Android after pressure from carriers. What the heck let this one stick around? The same goes for VOIP services over data preventing people from going over their minutes. Those got banned the day they rolled out of the last 10 years. Now that it's encrypted it's superior t
    • Well, hello there friend. It must have been very uncomfortable to sit in a cryo cam for all these years, but while you were gone messaging apps have become more relevant than SMS-es and any carrier trying to ban them is to have a fecal storm on the matter, with billions of users for WhatsApp, FacebookMessenger, Hangouts, Viber, Line and whatnot.

  • Do you have a current favorite for encrypted online chat?

    Telegram. It's open source, uses end to end encryption, and, unlike whatsapp, supports multiple connected clients at a time - including desktop clients for all platforms.

    Of course you'll be hard pressed to find anyone on telegram expect my wife and I. Kids don't care about security, or source code.

    • Comment removed based on user account deletion
    • by arth1 ( 260657 )

      Telegram. It's open source, uses end to end encryption, and, unlike whatsapp, supports multiple connected clients at a time - including desktop clients for all platforms.

      It's public domain, not open source.
      End-to-end encryption is easy - you just need to send a courier with a one time pad.
      And yes, there are telegraphs supporting multiple concurrent connections by using pitch shifting and filters so the receiver will only hear one set of beeps. But not more than a few.
      Sure, there are desktop clients for all platforms - wooden, metal and marble top desktop can have clients, and there are even keys that mount on tilted desktops.

      Of course you'll be hard pressed to find anyone on telegram

      Indeed. Even Her Majesty The Queen stopped send

      • How can something in the public domain NOT be open source? If the source is free to look at, it is open source.

        • by arth1 ( 260657 )

          How can something in the public domain NOT be open source?

          Open Source depends on copyrights.
          Public domain depends on there being no copyrights.

      • by lennier ( 44736 )

        Indeed. Even Her Majesty The Queen stopped sending telegrams a few years ago. A shame, really.

        Your Monarch has, with great reluctance but a lingering sense of optimism, embraced modern communications, as it is nowadays one of a great many passing diversions into which the grandchildren seem to be. With this in mind the formal 'Queen's Telegram' has been revised to a streamlined, responsive format which I'm sure will meet with approval from the majority of citizens.

        Now the day you turn 100 you get a single tweet from @HerMajLiz: 'lol u 2 old'

      • "End-to-end encryption is easy - you just need to send a courier with a one time pad."

        Key management is a PITA. Still, making pairs of DVDs filled with random noise isn't that hard. If you seal them with glitter nail polish and send a picture of the sealing back, then you and the recipient can be fairly sure it wasn't intercepted and copied.

        USB sticks are larger, but you need to completely erase the USB or DVD after copying to disk. Then the program needs to enforce that used blocks on the disk are erase

  • by MobyDisk ( 75490 ) on Thursday November 20, 2014 @09:50AM (#48425637) Homepage

    This really only works if the client is open source. Otherwise, you don't know that the client doesn't send the keys through a side channel or store them somewhere.

    • by Anonymous Coward

      This really only works if the client is open source. Otherwise, you don't know that the client doesn't send the keys through a side channel or store them somewhere.

      Perfect is the enemy of the good.

      Taking passive surveillance out of the picture is a step in the right direction. If the code saves the keys so that it can be fetched in an "active" attack (e.g., warrant) that kind of sucks, but it's better than having everything in cleart-text to be vacuumed up without any kind of over site.

    • If an open source client were all it took to establish secure communications between two phones it would have been done a long time ago. There are other hurdles besides the client. It's rare for two phones to be able to communicate directly because phones don't usually get public IP addresses. When a phone gets a public IP address it's likely to have most if not all incoming ports blocked, and even if both phones happen to have public IP addresses with unblocked incoming ports they still need to find each o
    • by chihowa ( 366380 ) *

      Of course it sends the keys to WhatsApp! If you install the client on a second phone, it just works, right?

      So they're either:
      1) generating a new key on each device and encrypting all incoming messages to every client's public key (or just encrypting the session key, a la PGP. -- While this isn't sending the key back to the mothership, new keys can be added at will, so copying traffic is easy.)

      2) generating one key per account and shuffling it to newly installed clients through their server (possibly encrypt

      • by MobyDisk ( 75490 )

        Bingo!

        I worked for a company that had secure online backup software, and these kinds of things are exactly what they did. The original software really honestly didn't have the key. They even sent it to an escrow service whose contract said they could never ever give us the key. But later, features were added to the system: The server could transcode mp3 files and stream them to your phone - how could it decrypt the mp3 files to transcode them for streaming, if they didn't have the key? And the install.e

  • I sure hope he hasn't been compromised, by green paper 'malware', or *an offer he can't refuse*.

  • needs to be implemented at all levels of the internet, hopefully it gives the American Stasi like the NSA, CIA, and FBI major headaches...

  • Literally the first time I heard about WhatsApp was when they were sold for 19 billion. This made no sense to me. So I asked my teenage daughters about WhatsApp and they had never heard of it. So I chalked WhatsApp to being the ultimate in hype.

    But to stand out and offer end to end encryption where WhatsApp can't read your stuff will be interesting. The question is: "Do we trust them."
    • by ledow ( 319597 )

      I've heard of WhatsApp for ages.

      Most of my contacts are on Whatsapp.

      But I didn't start using it until my Italian girlfriend introduced me to it - because texting internationally via WhatsApp costs you 63p a year as opposed to nearly that per text!

      All the ex-pats and foreigners that I know seem to be the biggest users of it.

  • by lazarus ( 2879 )

    Wikr [wickr.com] is what I use. Right now it's only available as an iOS and Android app. You specify how long you want your messages to exist for and the countdown starts when the receiving party views the message. Slightly clunky, but very very secure:

    From the website:

    App:
    ID and device info are cryptographically hashed with multiple rounds of salted cryptographic hashing using SHA256.
    Data at rest and in transit is encrypted with AES256.
    No password or Password hashes leave device.
    Mess

    • If you think this is secure against the FBI you are kidding yourself. Since it is a closed-source app, wickr has control of your private key and they only CHOOSE not to copy it off the device. They can simply be served with a NSL to pull that info from your device. Now if you're only trying to keep things private from criminals and corporations, you're probably good.
      • by lazarus ( 2879 )

        Re: FBI. That may be true (albeit difficult to do). However, that would be the end of their business, so it would be somewhat pointless to ever agree to that (they have already declined such a request). For reference here is their guidelines for law enforcement requests:

        https://wickr.com/wp-content/u... [wickr.com]

        And the report of them denying an FBI request:

        http://www.slashgear.com/wickr... [slashgear.com]

  • Do you trust the people behind this? If so why?

  • Comment removed based on user account deletion
  • Still subject to traffic analysis.

    Most of the information they want in the first place is "who is talking to who when and for how long", which is still in the clear, even if there is end to end encryption. So most of the important data, what government agencies in the news have called "Just Metadata", is still capable of being intercepted (and is).

    Once they have an associative pattern that they think indicates a crony in an illegal activity, *THEN* they target the content of the conversation. In this part

  • And here I thought my solution of attaching matching pretzels to each cup, and then tying the string to the pretzels, ensured our communication was private. The only difficult part was trying to add a third party after you had already eaten the bag of pretzels, as finding a third matching pretzel at that point was sometimes quite difficult.

  • What encrypted messaging app do I use? None. My friends don't use it. I had *one* friend I could talk into installing Telegram. But it's really not "secure" because it saves things on your device, and the desktop version saves things in the clear, so anyone with access to your computer can ready them.

    Like another poster said, the other end is your weak link. An open source app might even be worse, because someone could modify their app to say a message was deleted when it wasn't. Or rather, their device cou

  • End to end encyryption is just one side of it, Wickr app also implements a number of UI paradigms and particularly the per-message user-set time-expiry feature that no on else has right now. This for me is the most important feature because who will own my chat data 20 years from now (be it encrypted or not)? I'd rather it be deleted when I want it, so conversations can be more ephemeral like real life.

A committee takes root and grows, it flowers, wilts and dies, scattering the seed from which other committees will bloom. -- Parkinson

Working...