by sfifs 3447 days ago
It's actually very accurate technically. The Guardian article seems to miss the basic point.

The encryption in WhatsApp and Signal and Apple messaging is all built to protect data from others in transit, not necessarily from the service provider itself.

No system where a central service provider manages both key infrastructure and message delivery can ever be secure from MITM by the service provider unless you do manual key verification through a different channel. Signal does provide the means of doing so by physically meeting a person and verifying, which is good. But are you truly going to be able to explain these concepts beyond techies?

1 comments

But the actual point here is the retransmission vulnerability. That's what makes WhatsApp different. That's the backdoor.
Look, if WhatsApp wants to read your messages without you detecting, there's nothing you can really do to prevent it apart from not using WhatsApp.

For instance, if you're on some list for message interception, they can give you MITMed keys when you first log in. Or they can insert some subtle signal that tells the app on your specific phone to ignore key changes and avoid showing a notification in some way you would struggle to check (closed source and obfuscated code), etc. They could even show you the right key if you attempt verification but use a compromised one for communication. This particular vuln. would be a ridiculously crude way to intercept messages.

To repeat, in any system where key distribution and message distribution are centralized, there is no way to protect against the service provider, or anyone who co-opts the service provider (e.g. with a court order). The objective of the encryption is to protect against other actors snooping on you.

I edited the article because I really missed this point, you are right. I thought WhatsApp was not sending the message which got encrypted with the new key. But still, I would not say this is a backdoor, because the user has a relatively easy way to check the keys. If WhatsApp wanted to implement a backdoor, they would have done it in a different way, I think.
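
An added illustration of the argument in this thread, not part of any comment and not WhatsApp's or Signal's code: it contrasts what a key-change notification (trust on first use) can detect with what comparing fingerprints over a separate channel can detect when the provider runs the key directory. The `Directory` and `Client` classes, the 32-byte stand-in keys and the fingerprint format are assumptions made for the example, and the client software is assumed to be honest.

```python
import hashlib

# Constructed stand-ins for identity public keys (not real key material).
BOB_KEY = bytes([0x0B]) * 32
PROVIDER_KEY = bytes([0xEE]) * 32

def fingerprint(pub: bytes) -> str:
    """Short digest two people can read to each other over another channel."""
    h = hashlib.sha256(pub).hexdigest()[:32]
    return " ".join(h[i:i + 4] for i in range(0, 32, 4))

class Directory:
    """Provider-run key server; `substitute` models keys it swaps in."""
    def __init__(self):
        self.keys, self.substitute = {}, {}

    def lookup(self, user: str) -> bytes:
        return self.substitute.get(user, self.keys[user])

class Client:
    def __init__(self, directory: Directory):
        self.directory, self.pinned = directory, {}

    def key_status(self, peer: str) -> str:
        """Trust on first use: pin the first key seen, flag later changes."""
        key = self.directory.lookup(peer)
        if peer not in self.pinned:
            self.pinned[peer] = key
            return "first-use"
        return "unchanged" if key == self.pinned[peer] else "changed"

    def verify_out_of_band(self, peer: str, fp_from_peer: str) -> bool:
        """Compare the pinned key with the fingerprint the peer gave in person."""
        return fingerprint(self.pinned[peer]) == fp_from_peer

def scenario(swapped_from_first_contact: bool):
    d = Directory()
    d.keys["bob"] = BOB_KEY
    if swapped_from_first_contact:
        d.substitute["bob"] = PROVIDER_KEY
    alice = Client(d)
    first = alice.key_status("bob")
    d.substitute["bob"] = PROVIDER_KEY  # substitution in place from here on
    later = alice.key_status("bob")
    return first, later, alice.verify_out_of_band("bob", fingerprint(BOB_KEY))

if __name__ == "__main__":
    print("swapped at first contact:", scenario(True))
    print("swapped after first contact:", scenario(False))
```

When the key is swapped from first contact, the change check reports nothing and only the out-of-band comparison fails; when it is swapped later, the pinned key still verifies and the change check flags the new one.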