[varispeed]

If you think WhatsApp is encrypted, I have a handful of magic beans to sell you.

[esskay]

Care to back that up? We know they don't encrypt metadata - that's not a secret. Message content however is E2EE - thankfully these things get audited: https://blog.cloudflare.com/key-transparency/

[varispeed]

This doesn't prove WhatsApp is encrypted at all. It proves that a directory of public keys is being logged and audited. That's it.

The protocol existing or being referenced doesn't prove it's what the production client is doing. That requires verifying the client code and behaviour end-to-end, not just the key directory.

[esskay]

Got it, so you can't back it up at all. You just made something up with zero actual evidence and rolled with it.

[eukara]

there have been claims as part of a recent lawsuit, which also influences peoples thinking

see: https://news.ycombinator.com/item?id=47738339

https://xcancel.com/BowesChay/status/2042399259316588793 (replies)

[kelnos]

The onus is not on us to prove that it's not E2E encrypted, but on Meta/WhatsApp to prove that it is. The only way they can do that is by open-sourcing the client application, and providing a method for anyone to verify that the binary on their device was built from those sources, without modification.

Anything else is just theater. Anyone who is worried that their communications could get them arrested or attacked cannot safely use something like WhatsApp. There is no way to trust that a third party's keys haven't been added to a conversation, or that the client isn't leaking message content through some other means.

[esskay]

> The onus is not on us to prove that it's not E2E encrypted

It is when someone posts as if they've got hard evidence it's not.

[tuananh]

it show whataspp key transparency is currently disabled since `Verified: Mar 13, 2026, 15:37:48 UTC`. any idea about this?

https://radar.cloudflare.com/key-transparency