WhatsApp issue (https://www.theguardian.com/technology/2017/jan/13/whatsapp-backdoor-allows-snooping-on-encrypted-messages …) isn't really a backdoor, but it highlights the need for key transparency (https://security.googleblog.com/2017/01/security-through-transparency.html …)
-
-
.
@whispersystems@martinkl CONIKS, implemented correctly, is way more secure than what Signal/WhatsApp is doing. -
.
@whispersystems@martinkl And that's not the objection. The objection is there's no way to distinguish legit key changes. -
.
@whispersystems@martinkl without manual verification, which many of my friends have no idea how to do since you introduced security codes -
.
@whispersystems@martinkl CONIKS (correctly done) & blockchains can both make manual verification unnecessary while providing same security -
.
@martinkl Key Transparency doesn't help this problem much, but CONIKS does/can.@whispersystems -
Agree with your assessment. But I thought Key Transparency was an implementation of CONIKS — am I mistaken?
-
Your mistake was trusting Google to accurately describe what they are doing.
https://twitter.com/taoeffect/status/821241852615528448 … -
Oh. Guess I need to actually look at the code then.

- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.