[messaging] Summary of discussion session at USENIX HotSec

Mike Hearn mike at plan99.net
Thu Aug 21 04:29:40 PDT 2014

> Some ability for users to detect MITM attacks by the public key server
> might be enough to discourage companies/governments from doing MITM attacks
> on a large scale.

For something like WhatsApp simply notifying the user that the user has
switched to another device and being forced to provide a hardware model
name might be good enough. E.g. your conversation looks like this:

Me:   Hi!
Friend:   Hey
<Friend has switched from a Nexus 5 to a new Nexus 5  [Learn more]>
Me: Did your phone break or something?
Friend: Huh what?! No my phone is fine, why?
Me: Uh, it jus told me you switched to a new device ....
Friend: Nope ....
NSA:   *busted*

ok that's a bit silly, but you get the idea.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140821/ea1fa856/attachment.html>

More information about the Messaging mailing list