by muxator 2120 days ago
> We do not store private messages on our servers _once we deliver them_

Doesn't this mean that messages exist in plaintext on Facebook's servers for at least the time it takes to deliver them? To me this is equal to saying that everything is clear text anyway, since there is no way to ensure someone lawfully or unintentionally taps the text stream and diverts it somewhere.

Am I misunderstanding?

5 comments

Probably just means the encrypted messages are in holding on the server until delivered. There's not much alternative to that unless peers are enabled to talk directly to each other, which would likely be a poor experience due to reliability and connectivity issues.
It would probably be much more ideal to have peers send messages to each other directly & only use the server for store + forward if the send fails.
True P2P isn't really possible today in the vast majority of ISP networks (especially mobile ones), so at most traffic will be relayed by a TURN server which is also centralized.
Are you sure that mobile networks really go out of their way to block STUN? Not to mention that they’re predominantly IPv6, so the reasons for NAT would be weird at the carrier level (haven’t investigated this too thoroughly so not sure).
It is not the nineties anymore, everybody is behind at least one NAT. Especially mobile phones.
On the other hand, mobile phones often also have an IPv6 address, which is not behind a NAT.
It would be good in some ways but could cause tracking by malicious peers by becoming aware of the target's IP address.
That would require at least a retry, which might fail if the sender also has a spotty connection. One of WhatsApp's main deliverables is reliable service over bad connections.
That assumes that you want your phone radio running at full power 100% of the time, which would drain your battery in about 2 hours.
I think what they're saying, and they ought to clarify this, is that they don't store unencrypted messages, and they may temporarily store encrypted messages as part of the Signal protocol to deliver them later.
I think the interpretation is meant to be "we store private messages and we stop storing them after delivering them" rather than "we make them not private before delivering them".
I think you're misunderstanding. Storing a message does not imply storing it in plaintext. In fact, the previous paragraph talks about E2E encryption.
I was going to write a snarky remark about how WhatsApp doesn't promise to be E2E encrypted, but it totally does https://faq.whatsapp.com/general/security-and-privacy/end-to... . Maybe they just store the hash? Definitely sounds shady
When you send someone a message, you upload the encrypted message to the server addressed for them. The user checks in with the server asking "any messages for me?" The server then delivers the message and deletes its cache of messages.

The server "stores" the message for that period of time when the user uploaded it and before the receiver confirmed the download. Allegedly, it stores it in the encrypted form as it's advertised as end to end so they would not have the key to decrypt it.
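
The store-and-forward flow described in the last comment, as an added example that is not part of the thread and is not WhatsApp's or Signal's code. The `Relay` class, the pre-shared 32-byte key and the SHA-256 counter-mode cipher are assumptions standing in for a real Signal session and a vetted AEAD; the point shown is that the relay only ever holds an opaque blob and drops it on acknowledgement.

```python
import hashlib, hmac, secrets
from collections import defaultdict

def _subkeys(key):  # separate encryption and MAC keys from the session key
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _xor_stream(enc_key, nonce, data):
    # Stand-in cipher for illustration: SHA-256 in counter mode, not a vetted AEAD.
    stream = b""
    for counter in range(len(data) // 32 + 1):
        stream += hashlib.sha256(enc_key + nonce + counter.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    """Sender's device: encrypt-then-MAC, returns nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(enc_key, nonce, plaintext)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def open_sealed(key, blob):
    """Recipient's device: verify the tag before decrypting."""
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("blob was modified while in transit or held by the relay")
    return _xor_stream(enc_key, nonce, ct)

class Relay:
    """Server: queues opaque blobs per recipient and never holds a key."""
    def __init__(self):
        self.queues = defaultdict(dict)
        self.next_id = 0
    def upload(self, recipient, blob):
        self.next_id += 1
        self.queues[recipient][self.next_id] = blob
        return self.next_id
    def fetch(self, recipient):          # "any messages for me?"
        return dict(self.queues[recipient])
    def ack(self, recipient, msg_id):    # delete once delivery is confirmed
        self.queues[recipient].pop(msg_id, None)

if __name__ == "__main__":
    key = secrets.token_bytes(32)  # assumption: agreed between the two devices only
    relay = Relay()
    mid = relay.upload("bob", seal(key, b"meet at noon"))
    print(open_sealed(key, relay.fetch("bob")[mid]))
    relay.ack("bob", mid)
```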