Show this thread
PSA: Disable WhatsApp chat log backups to Google Drive and Apple iCloud if you care about the end-to-end encryption.pic.twitter.com/giG07NlFiz
-
-
-
And no, WhatsApp backups aren't end-to-end encrypted, to all of the people in my mentions incorrectly assuming that. If they were, they'd ask you to set an encryption key when you backup...pic.twitter.com/RMF60w8fqg
Show this thread -
"Manafort was backing up information from his WhatsApp to to Apple’s iCloud, where data is not encrypted and is thus available to police armed with a valid search warrant."https://motherboard.vice.com/en_us/article/zm8q43/paul-manafort-icloud-whatsapp-bad-opsec-witness-tampering …
Show this thread
End of conversation
New conversation -
-
-
Well, *technically* it still is end to end encrypted, the ends just fail horribly
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Well it's still encrypted with the phone key when sent to Google Cloud.
-
Test case : Get another phone and try to restore the messages from the backup. If that works, your phone key has nothing to do with it.
-
Did that. You need to have access to the old phone. Or the sim card.
-
and they likely store the encryption key on the sim card, right? Suure… very obvious that they do that…
-
Being able to transfer a SIM card to a different phone and still gets all your messages "decrypted" sounds shady to me... Wild guess: they save the ICCID of your SIM and the IMEI of your phone and if you can provide either "passcode", you get your *unencrypted* messages back.
-
Well I can think of some SIM credentials key can be part of decoding key. But oh well, forget what I said.
#shamepic.twitter.com/5A7hLigUAu
-
yeah, why even bother adding bad SIM stuff (whatever) encryption, when you can just store it in plaintext LOL
End of conversation
New conversation -
-
-
let's separate the use cases. WhatsApp is a fair for protecting legit content, when the who and when is not important. Signal will address additional privacy needs.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Just stop using
@WhatsApp, use Signal -
It's not so secure... The desktop version has been already exploited
-
It hasn’t on mobile, there’s telegram too but why you would trust a company owned by Facebook to provide secure messaging services is beyond me. WhatsApp CEO left because Facebook wanted to weaken the encryption.
-
Where do you read that I trust whatsapp?
-
If.....you don’t trust whatsapp.....do you use it for end to end encrypted convos? I’m confused here. But, wanted to drop this in here.https://slate.com/business/2018/06/facebook-whatsapp-turmoil-takeaway-mark-zuckerberg-cant-be-trusted.html …
-
I don't use whatsapp, I don't see where I wrote that I use whatsapp
End of conversation
New conversation -
-
-
You can't restore them to another number because they are binded with it ...added protection is the pin and email requried to restore (pin)
-
buuuuuut… that's still not e2e encrypted.
-
It's not... Because restoring won't work if it is
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.