Politicians warned to 'watch out' as integrity commission could access encrypted texts on WhatsApp and Signal
www.abc.net.au
Australia's Attorney-General Mark Dreyfus warns that the National Anti-Corruption Commission legislation will see the body have the ability to tap the phones of politicians, even if they are messaging on encrypted apps.
  • GadgeteerZA
    72 years ago

    The vulnerability is on the user end. If you infiltrate the user device, or just get another receiver of the messages to expose them, the content is clear to read. Wonderful thing for law enforcement about WhatsApp, is they bleed out metadata about who contacted whom, and when, and where they were at the time. WhatsApp even provides that to Facebook, and from there the data used to be able to be bought for “research”. The metadata can be used to zoom in to identify individuals if you match their patterns of behaviour with locations.

    • @vord@beehaw.org
      32 years ago

      Thing is, it’s not just Whatsapp. It’s literally every single server-based mechanism to exchange data. You have to trust that the server in question wipes logs on the regular and is not under some secret data collection warrant.

      And ultimately, anything that you can just sign into another device with and retain your messgae history is not fully e2e encrypted…it means a server holds your encryption key for you.

      • GadgeteerZA
        32 years ago

        The easy test is to see if the service has a password reset option - if so, they can reset the password. If not, you know, only your password or encryption key can unlock it. For example, Signal won’t restore chat history to a new device. So yes Telegram will, but for secret chats no that data is not synced and will be lost.

  • Arthur BesseA
    22 years ago

    It would be great if Australia gets caught compelling Amazon to give them Signal metadata, because it would stop a lot of people from pretending that Signal’s “sealed sender” cryptography LARPing actually prevents that.