[messaging] WhatsApp & OWS team up

Michael Rogers michael at briarproject.org
Tue Nov 18 11:38:25 PST 2014

On 18/11/14 16:23, Mike Hearn wrote:
> I can see a couple of directions to go now:
> 1. Cracking the usable key verification problem. This move brings 
> WhatsApp to the same level of security as iMessage (or better,
> given the forward security), but WhatsApp/Facebook could still do
> a switcheroo on people's keys. TextSecure never really figured
> this out IMO - it still expects people to manually compare long
> strings of hex.

Fingerprint comparison can be made easy with QR codes. The tricky part
is what to do when a user reinstalls the app, creating a new key. How
do their contacts know the difference between that and a MITM attack?

Maybe the answer is that they don't. There's no special UX for a MITM
attack - no flashing red warning that the sky is falling. If the
server MITMs a verified contact, they switch back to unverified, just
as they would if they reinstalled. Caveat, uh, usor.

> 2. Building a trustworthy binary auditing and distribution process,
> so people can be assured that they're using what they think
> they're using. I have some ideas on this and have been doing a bit
> of work on it myself for Lighthouse, which features a threshold
> signature based auto update system. But the bulk of this work
> involves things like finding people who can be trusted to audit the
> source code in a variety of jurisdictions, making the builds
> reproducible, and finding a way to make the platform auto update
> mechanisms thresholded. I have some threshold RSA code I was able
> to extract from some academics a year or two ago that should in
> theory be compatible with Android, but I never tested it.

Do you need threshold signatures for this, or would a quorum of
ordinary signatures work?
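An added example, not part of the original thread and not Lighthouse's code: one way an updater could check the "quorum of ordinary signatures" raised above, accepting an update only when k distinct trusted auditors have each signed it independently. Ed25519, the `auditor-*` key IDs and the demo keys are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Sig is one auditor's ordinary (non-threshold) signature over an update.
type Sig struct {
	KeyID string // hypothetical label for the auditor's key
	Bytes []byte
}

// QuorumOK reports whether at least k distinct trusted auditors signed update.
// Unknown key IDs, invalid signatures and repeated signers are not counted.
func QuorumOK(trusted map[string]ed25519.PublicKey, k int, update []byte, sigs []Sig) bool {
	if k <= 0 {
		return false // a zero threshold would accept unsigned updates
	}
	counted := make(map[string]bool)
	for _, s := range sigs {
		pub, known := trusted[s.KeyID]
		if known && !counted[s.KeyID] && ed25519.Verify(pub, update, s.Bytes) {
			counted[s.KeyID] = true
		}
	}
	return len(counted) >= k
}

// demoAuditors builds constructed, deterministic demo keys and a signing helper.
func demoAuditors() (map[string]ed25519.PublicKey, func(id string, msg []byte) Sig) {
	pubs := map[string]ed25519.PublicKey{}
	privs := map[string]ed25519.PrivateKey{}
	for _, id := range []string{"auditor-a", "auditor-b", "auditor-c"} {
		seed := sha256.Sum256([]byte("constructed demo seed " + id))
		privs[id] = ed25519.NewKeyFromSeed(seed[:])
		pubs[id] = privs[id].Public().(ed25519.PublicKey)
	}
	sign := func(id string, msg []byte) Sig { return Sig{id, ed25519.Sign(privs[id], msg)} }
	return pubs, sign
}

func main() {
	pubs, sign := demoAuditors()
	update := []byte("constructed update payload v2")
	a, b := sign("auditor-a", update), sign("auditor-b", update)
	fmt.Println("a+a:", QuorumOK(pubs, 2, update, []Sig{a, a})) // same signer twice
	fmt.Println("a+b:", QuorumOK(pubs, 2, update, []Sig{a, b})) // two distinct signers
}
```

Unlike a threshold signature, this check needs the client to carry every auditor's public key and the quorum rule itself, and the update ships with k separate signatures rather than one.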
