"WhatsApp remains encrypted end-to-end… but that was never the threat.
The threat is what happens at the ends… on the servers, and on the client. i.e. could WhatsApp access the messages on the server, would they use the client to read them?
We know they could access the messages on the server, as some of their search and sharing functionality reveals the capability, plus encryption requires keys and the fact that you could lose a phone and activate on a new phone shows that if things are encrypted then WhatsApp possessed the keys at their end… which should be freaking obvious to all, of course they hold the keys.
When it comes to encryption, who holds the keys is a question of security vs convenience, and WhatsApp (when owned by Facebook) showed that they now prioritised convenience over security.
What of the client, the other end? Well… the client has the messages decrypted, it must simply by virtue of being able to show them to you in a way that you could read. And did it use this in a way that profited them? Well yes! The most common form was the link preview… if we chatted and I shared a link to a product in that chat, the link typically showed a summary of the web page in question… the client made a web request using the WebView component, thus placing a cookie and leaking some details. If you ever then opened Instagram and got a highly relevant advert and wondered how that could be because you’d only mentioned it once in a private chat in the “encrypted” WhatsApp… well, now you know.
So WhatsApp under Facebook ownership kept end-to-end encryption (govts and 3rd parties couldn’t intercept on the wire) but used their ownership of both ends for their profit.
Now Facebook have come clean… they’re going to fully linked WhatsApp and Facebook accounts, meaning the full advertising force is coming your way. And they’ve already shown you how… by using the fact that they have access to the unencrypted messages at both ends.
This was always obvious despite their many denials that they would. And those who sought refuge in the “but it’s end-to-end encrypted” failed to understand what that implied… it’s encrypted end-to-end, meaning everywhere but the end - all the stuff inbetween. But the ends… the server and the client… can both access messages unencrypted.
My view is simple: For all your private communications with anyone that you care about, you should use Signal https://signal.org .
Signal has drawbacks, but that’s because when the question comes up of security vs convenience they choose security every time. What does this mean? Well if you lose your phone and buy a new phone, you can activate the same Signal account because you own the phone number, but you cannot access old messages because Signal didn’t have ownership of the encryption key, this was on your old phone and if you didn’t make a backup of the chat then nothing could restore it.
Signal is basically perfect from a security perspective, but not so great on the convenience and usability perspective (because security was prioritised)… so what it comes down to:
Do you want to have every private chat made available as source data for profile enrichment that can then be sold on to advertisers?
Or do you want full privacy and security at the cost of a few rough edges?
I’ll keep my WhatsApp account, but I pressed “Not Now” and am currently in the process of manually deleting every chat, all media, and exiting all groups on WhatsApp and instigating the chats anew on Signal. WhatsApp will exist only so that those who try and reach me can do so… but I’ll only actually chat on Signal."
" There’s more stuff about the Whatsapp backups on HN recently (in a thread about a Telegram backdoor).
It confirms that if you enable the cloud backup then the Whatsapp client uploads them to Google Drive encrypted with a key derived from your phone number. That’s how you’re able to restore messages on a new phone without needing anything else, but only if you have cloud backup enabled.
Whatsapp’s servers don’t have the unencrypted messages, but they do have everything they need to get it if you have cloud backups enabled.
(I wouldn’t enable cloud backup of my whatsapp messages based on that. Whatsapp will have written the key derivation function and so they could retrieve and decrypt any of the backups. Most likely this is so they can give access to Government agencies who probably already have access to arbitrary Google Drive data stores at will. They just need the key derivation function details from Whatsapp.)
Personally I just rely on periodic local backups of my phone (which will backup all of the data) and knowing that I may lose the few days data since my most recent backup. I wouldn’t touch the cloud backup with someone else’s stick. "