[kryogen1c]

> WhatsApp/signal style apps cannot be secure to this sort of attack.

isnt this not true?

e2e keys are not known to signal server like they are on whatsapp. also there are no serverside signal backups.

[joshuaissac]

> e2e keys are not known to signal server like they are on whatsapp. also there are no serverside signal backups.

E2E keys are not known to WhatsApp's servers, and there are no server-side WhatsApp backups, either.

[swiley]

Your contacts weren't known to the WhatsApp server, now they are. There's no reason the next automatic update for signal can't contain code to send your keys to the server, and it wouldn't be the first centralized E2EE app to do that.