[oblio]

The thing with E2E encryption, is it really verifiable? Has anyone actually gotten/extracted the WhatsApp secrets and then checked that what goes in one end comes out the other fully encrypted, systematically?

After all, everything goes through WhatsApp's proprietary clients and servers, we don't know what voodoo they do along the way. Just because they claim it's E2E encrypted, doesn't really make it so, I'd imagine. Has their E2E encryption been confirmed independently?

[indigo945]

They had Moxie Marlinspike, who is behind Signal, audit their encryption code. Of course, we can't know if the code they let him audit is actually the code that gets deployed, and it's also been a few years since then, but the E2EE has been independently confirmed.