WhatsApp Security Improvements
WhatsApp is a messaging app that hundreds of millions of people use every day. It’s similar to iMessage or BBM or SMS but has historically had a really bad security record. These have been bad enough that I’ve intentionally tried to stay away from using it (messages sent in plain text, data leaks, censorship in some countries).
That all kind of changed yesterday in a big way. End-to-end encryption was rolled out to all devices running the latest version.
That’s a big deal. It means that messages are encrypted from device to device - you actually have to be the sender or recipient to know what a message says. WhatsApp now has know way to read it on their servers and those that might be “listening in” to network traffic won’t be able to tell what a message says.
I only say it kind of changed yesterday though as it’s not a perfect implementation (as something like Threema is. There presently is no way to verify encryption status which might be an issue for some people in sensitive situations. If they can add key verification (like Threema has) it’d be a much better implementation. If they could add the additional security features of something like Threema (wipe-on-3-missed-passcodes for instance) it’d be wonderful.
But suffice it to say this is a definite, encouraging move in the right direction (and one I’m sure governments across the globe are hating).