[messaging] Summary of discussion session at USENIX HotSec
mike at plan99.net
Thu Aug 21 04:29:40 PDT 2014
> Some ability for users to detect MITM attacks by the public key server
> might be enough to discourage companies/governments from doing MITM attacks
> on a large scale.
For something like WhatsApp simply notifying the user that the user has
switched to another device and being forced to provide a hardware model
name might be good enough. E.g. your conversation looks like this:
<Friend has switched from a Nexus 5 to a new Nexus 5 [Learn more]>
Me: Did your phone break or something?
Friend: Huh what?! No my phone is fine, why?
Me: Uh, it jus told me you switched to a new device ....
Friend: Nope ....
ok that's a bit silly, but you get the idea.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Messaging