> In a phone call with WIRED, a WhatsApp spokesperson confirmed the researchers' findings, but emphasized that no one can secretly add a new member to a group—a notification does go through that a new, unknown member has joined the group.
Yeah, that solves it. -_-;
@cathal is the encryption core open though, or is just the protocol open?
My understanding is that WhatsApp does not use the FLOSS implementation of Signal proto, instead rolling out their own with the help of moxie.
*NOTHING* stops them from fscking this implementation up at some point or removing it entirely at their discretion.
I'd *love* to be proven wrong about this.
@rysiek Exactly, yes. But even if they did use an open source lib, it wouldn't matter; the closed bits are part of the same process/PID, they can access the same memory, and do whatever they want. There's nothing trustworthy about WhatsApp, whether the internals have open bits or not.