[venomsnake]

No it is a backdoor. Becuase the app fucks you on purpose, even if you go to great lenghts to verify the keys.

Also the vulnerabilty matches perfectly one scenario - when a person is in custody, the LEO cannot open its phone, but they can create account on new device with his sim card and continue "trusted" chats.

[Eyas]

I understand why that is a concern for the security conscious. But for the 90% use case, e.g.: I lost my phone and got a new one. Or my phone isn't turning on and I get a new one.

I install WhatsApp. How do I roll over my identity?

The way I see it is that WhatsApp is delegating the task of identity verification to the network provider (admittedly a weak link for the security conscious). But it _is_ the easiest way for the average user to continue chats on a new phone.

If the default setting were reversed, HN would stop complaining, but the 90% would.

The most 'secure' means of communication is probably a one-time pad communicated via paper on magic ink that you then burn, or something. There is a cost to ease of use in many cases. I wish the conversation was less about right v wrong, and more about what tradeoffs should be made and where to draw the line.

[rocqua]

The nice solution here that would please security-conscious people with an opt-in would be for that opt-in to prevent automatic re-encryption and re-transmission under the new key.

To expand on the example given above, if the police get your phone, turn it off and wait for a while. You might have quite a few incoming unreceived messages. They can then simply take the sim, put it in a new phone, and register that with whatsapp. They can then read all messages sent to you since they turned of your phone.