|
|
|
|
|
|
by mike-cardwell
4575 days ago
|
|
|
You generate a keypair. They generate a keypair. You swap public keys. Then you encrypt messages to each other using the other persons public key. Of course, that is still vulnerable to an active MITM attack where somebody intercepts the initial key exchange and inserts their own keys. The app has a built in option to display your fingerprints so you can compare them if you meet the other person. Even with this vulnerability, imagine if everyone started using it overnight... All of a sudden there wouldn't be millions (billions?) of new private messages stored in a bunch of databases every day. The telcos aren't going to perform an active MITM attack to decrypt peoples SMS. |
|
|
An optimist!
Given how easy it would be to do, I think they'd at least think about it. However, it's also trivial to detect, so we have that going for us.