this post was submitted on 27 Jan 2026
1085 points (99.5% liked)
Technology
79476 readers
4653 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
What are the better alternatives? because it seems like the comment section is flooded with people (yourself included) that don't understand that most (probably all) e2e messaging apps are vulnerable to this attack as long as they trust a centralized server.
The issue isn't an encryption one, it's a trust one that requires you to trust the makers of the messaging app and the servers the apps connect to (and the method by which the app is distributed to you).
What is your alternative? Everybody codes their own app??
Also you're unhinged in these comments
People should understand the limits of E2E encryption.
I'd rather be unhinged than wrong.
Briar. Designed for, for example, journalists in countries that may persecute them for saying the wrong thing. Can technically be run completely on a mesh network, meaning it's actually truly decentralized.
Signal uses reproducible builds for its Android client, and I think for desktop as well. That means it's possible to verify that a particular Signal package is built from the open source Signal codebase. I don't have to trust Signal because I can check or build it myself.
If I don't have extreme security needs, I don't even have to check. Signal has a high enough profile that I can be confident other people have checked, likely many other people who are more skilled at auditing cryptographic code than I am.
Trusting the server isn't necessary because the encryption is applied by the sender's client and removed by the recipient's client.
Maybe but that doesn't mean you have the same app they do, Google may have different apks for people who could check it and for those who won't.
There is a risk Google could tamper with the app for specific users if they're installing it from Google Play. I think it's likely security researchers would discover that if it was widespread, but there's a chance Google could do it undetected if they targeted it selectively enough.
People who are concerned about this can download the APK directly from Signal and check its signature before installation.
Signal
You're just replacing trust in Meta with trust in Signal Inc without understanding why WhatsApp is vulnerable to this.
Is Signal Inc more trustworthy than Meta? probably
is Signal (app) safe from the attack described? absolutely not.
Theoretically, you can check the code actually running on the Signal servers is the code they publish under a free and open source licence, using the hardware-based TEE attestations the servers will return
Someone more knowledgeable than me may have managed to do so, I haven't.
Tell me you don't understand how Signal's E2E mechanism works without telling me you don't understand how Signal's E2E mechanism works.
Tell me you don't understand what E2E encryption is without telling me you don't understand that the limits of E2E encryption.
See every other comment in this thread describing in great detail why you are wrong, but that you fundamentally DO NOT UNDERSTAND how any of this works whatsoever.
You fundamentally DO NOT UNDERSTAND how security works, go play with your algorithms and stop spamming my replies.
Um, security is based largely on encryption algorithms.
No encryption is largely based on encryption algorithms, security is much broader than that.
For reference https://en.wikipedia.org/wiki/Encryption
I think you're trying to refer to security posture, or security practices. However those mean nothing if you cannot encrypt or encode in some manner as to not be easily understood by a third party.
Largely this is done with some sort of algorithm.
This is key and I don't think Signal shies away from this. You MUST trust the code you're running. We know there are unofficial Signal builds. You must trust them. Why? Because think of it this way. You're running a build of Signal, you type a messages. In code that text you type then gets run through Signal's encryption. If you're running a non-trustworthy build, they have access to the clear text before encryption, obviously. They can encrypt it twice, once with their key and once with yours, send it to a server, decrypt theirs and send yours on to it's destination. (for example, there's more ways than this).
The code can be okay but it's delivery method(aka Google), the OS(aka Google) or the hardware can be compromised.
Just because it's centralized doesn't mean that it falls under this risk sector. Theoretically if the app was open sourced and was confirmed to not share your private key remotely on generation (or cross sign the key to allow a master key...), then the most the centralized server could know is your public key, the server wouldn't have the ability to obtain the private key (which is what is needed to read the e2e encrypted messages)
This process would be repeated for the other party. The cool part of that system is you can still share your public keys via the centralized server, so you wouldn't need to share the key externally. You just need to be able to confirm that the app itself doesn't contain code to send your private key to the centralized server. Then checking integrity is as easy as messaging your friend to post what their public key is, and that public key would need to match the public key that the server is supplying as your contact.
The server can't MiTM attack it because the server has no way of deciphering the message in the first place, so the most it could do is pass the message onto the proper party whom has the private key to be able to decrypt it.
Not that I have any other suggestions aside from signal though, there aren't many centralized e2e chat services. Most use client to server encryption which would allow decryption server side.
The attack as described almost certainly involves the server sending a message to your client and then having the messages replicated via a side channel to Whatsapp without breaking E2E encryption (it could be adding them as a desktop client or adding them as a hidden participant in all chats, that isn't clear in the article)
If you could run Whatsapp without connecting to Meta, you would be safe from this attack, but as you’ve pointed out a secure client is a better solution.
Fully agree that in this case if the claim is true (they have had a few of these claims), it's likely whatsapp either making itself a companion app that's hidden, or has some form of escrow in place to allow deciphering the messages. (Considering Messenger allows decrypting e2e chats with a 6 digit security pin, I'm leaning towards an escrow)
I was just mentioning that this isn't a fault of it being centralized, this is a design choice by the company when implementing e2e encryption, and that a properly functioning system would never give the server the ability to decipher the messages in the first place.
Element / matrix.
With e2e you don't need to trust the servers. You only need to trust the client that does the encryption.
Should you not also trust your device hardware, it's os and the market you got the app from?
That's a given I think. If you can't trust the OS then you can't trust the client.
The attack as described almost certainly involves the server sending a message to your client and then having the messages replicated via a side channel to Whatsapp without breaking E2E encryption.
But yes the point is you can't trust the clients.
If you could run Whatsapp without connecting to Meta, you would be safe from this attack, but as you've pointed out a secure client is a better solution.