|
|
|
|
|
|
by Ajedi32
1161 days ago
|
|
|
Yeah, the more of these (admittedly excellent) security features they add the more glaring a hole the lack of an open source client seems by comparison. Like, key transparency only helps in a situation where Facebook's servers are compromised, right? That's the most obvious way a man in the middle attack could happen. But if you're worried about an attacker who can compromise Facebook servers, why not also worry about whether that same attacker can compromise the WhatsApp client app, or even compromise Facebook itself at an organizational level? I don't want to downplay this change too much; it's a genuinely useful security measure that I don't think I've seen any other messaging app implement. But at this point, adding further defenses against external attackers is starting to feel like layering more and more complicated locking mechanisms onto a vault door that's made out of glass. |
|
|