this post was submitted on 23 Oct 2023
74 points (89.4% liked)
Privacy
31609 readers
312 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Care to elaborate? You can't just imply asymmetric encryption can be decrypted by 3rd parties and not explain how.
Also I don't know how exactly signal works but I know that you don't need to share secrets externally to message someone, so how are they exchanging the symmetric keys without using asymmetric encryption to boot?
This is more of a "how encryption" works question, so I'll just defer to some article response I got from Google which explains it simpler than I would:
"When someone sends a message to a contact over an app using the Signal protocol, the app combines the temporary and permanent pairs of public and private keys for both users to create a shared secret key that's used to encrypt and decrypt that message. Since generating this secret key requires access to the users' private keys, it exists only on their two devices. And the Signal protocol's system of temporary keys—which it constantly replenishes for each user—allows it to generate a new shared key after every message."
That doesn't explain why asymmetric encryption is insecure? In fact signal seems to be using two pairs of asymmetric keys to generate its symmetric secret, so it would also be prone to attack if asymmetric encryption was a flawed system.
I guess I missed your initial conversations question, but this is easy to search, and not for me to defend WhatsApp. I'm not the harbinger of bad news here, I'm just telling you what everyone else has said on the internet. WhatsApp is not private. They cooperate with governments to make messages known even.
I feel like you're trying to drive a point home that has already lost in the security commutat as a hole. OP asked if WhatsApp is bad for privacy, and it is.
Edit: just to shut you up - https://propertyofthepeople.org/document-detail/?doc-id=21114562