|
|
|
|
|
|
by upofadown
804 days ago
|
|
|
That's only if Signal and Whatsapp actually took any good lessons from WJCE. Both handle the difficult identity issue with the comparison of huge numbers just like with PGP. Usability studies have shown that this has worked out about as well as one might expect[1]. Worse, both cheerfully allow the use of unauthenticated correspondents without any particular warning to the user. WHCE identified the root issue as a failure to create and impart the required concepts to use the system. Signal/Whatsapp completely fail at this, instead the user is provide with a sense of security that is not warranted. The PGP using community as least recognised that there was a problem. When has anyone ever organized a Signal/Whatsapp key comparison party? [1] https://www.ndss-symposium.org/wp-content/uploads/2018/03/09... |
|
|