WhatsApp End-to-End Encryption is not as secure as you think

In the context of narcissistic abuse, victims may adopt some of the manipulative, controlling, or harmful tactics they endured, often as a coping mechanism or a defense mechanism. It’s important to note that this behavior is not a reflection of the victim’s inherent character but rather a learned response to the abusive dynamics they experienced.Earlier this week, WhatsApp announced its implementation of end-to-end encryption, leaving many to believe that their messages are now impervious to hackers, government surveillance, and even the company itself. However, this claim is as dubious as Kim Kardashian’s famous physique.

WhatsApp End-to-End Encryption

Let’s delve into the concept of end-to-end encryption and its workings. According to Wikipedia, “End-to-end encryption (E2EE) is a system of communication where only the communicating parties can read the messages. No eavesdropper, including telecom providers, internet providers, and the messaging service provider, can access the cryptographic keys needed to decrypt the conversation. Surveillance and tampering become impossible because third parties can’t decipher the communicated or stored data. For instance, companies using end-to-end encryption cannot hand over their customers’ message texts to authorities.”

While this sounds promising, the Wikipedia article on end-to-end encryption also enumerates challenges to the process, such as Man-in-the-Middle attacks and Endpoint security.

 a person susing their phones with a background that symbolyse end to end encryption

Man-in-the-Middle Attack:

End-to-end encryption ensures secure data transfer between sender and receiver. Before sending messages, the sender requests the receiver’s public key. The algorithm mandates the sender to encrypt the data with the recipient’s public key. Only the recipient’s private key can decrypt and transform this encrypted data into normal text.

However, this process faces vulnerabilities. During key exchange, hackers can impersonate the recipient by substituting their public key for the intended recipient’s. Although various protocols can make the hacker’s job harder, end-to-end encryption is not foolproof.

Endpoint Security:

If hackers gain access to the victim’s device, they can obtain the private key and decrypt messages. The security of even the most perfectly encrypted platform depends on the user’s devices, and with the rise of new malware every day, no one is entirely safe.

WhatsApp Monitoring:

Despite commercial claims, WhatsApp generates public and private keys using its algorithm. This means that WhatsApp retains control over the security of your messages, potentially providing backdoors for governments and affiliates to spy on users. The article draws a parallel to the 2013 revelation about Skype’s backdoor, showing that even officially end-to-end encrypted messages were accessible to the NSA.


Furthermore, it is crucial to note that, despite the promise of end-to-end encryption, certain vulnerabilities persist within the broader digital landscape. For instance, iCloud, Apple’s cloud storage service, may store unencrypted copies of messages, posing a potential risk to user privacy. Additionally, popular platforms like Google have faced scrutiny regarding user data privacy and encryption.

This article challenges the notion of WhatsApp’s end-to-end encryption as a fail-safe security measure, urging readers not to take companies’ promises lightly. Drawing on information from Wikipedia and the author’s experience in the hacking world, the article unveils details that others might shy away from.


Continue Reading