Thoughts on WhatsApp E2E Encryption AKA Security Is Real Only if It's the Default.


Yesterday Tobias Boelter posted on his blog this article which essentially highlights a message rentransmission vulnerability on WhatsApp which makes it leak sensitive information if the recipient’s key changed, only alerting the user after the message has been sent.
The Guardian has then picked up the info and posted the article “WhatsApp vulnerability allows snooping on encrypted messages“.

In a matter of hours, a shit load of experts (and unfortunately also lot of ppl who are not experts at all) pointed their fingers at The Guardian, arguing that it’s not a backdoor and all other kind of sterile polemics. At some point, Moxie from Open Whisper Systems, the noprofit organization who made Signal, the only really secure messaging app we’re aware of and the library that WhatsApp recently integrated in order to give E2E encrypted messaging to all of their users, published on the blog this: “There is no WhatsApp ‘backdoor’“, which seemed to have put the word END to this conversation.

I do not agree and, since a lot of ego is going on here, I’d like to share my thoughts as well.

Read More

How the United Arab Emirates Intelligence Tried to Hire Me to Spy on Its People


Recently, we’ve been overwhelmed with news of horrors, attacks, monsters who murder the innocent in the name of a faith they don’t truly know. I’m publishing this article today to talk about other monsters, and I can guarantee these can be much worse than the ones we are now familiar with. They are the ones you don’t see coming, those you cannot conceive to be real.

Benjamin Franklin said:

Either write something worth reading or do something worth writing.

Well, I’ll do my best.

Read More