Slashdot Mirror

← Back to Stories (view on slashdot.org)

Unofficial WhatsApp Library Gets End To End Encryption Before Official Clients

Posted by timothy on from the keep-it-secret-keep-it-safe dept.

An anonymous reader writes Earlier last year WhatsApp announced partnership with Open WhisperSystems to integrate the ratcheting forward secrecy protocol found in their app called TextSecure, into WhatsApp. The protocol is supposed to provide end-to-end encryption between WhatsApp clients. So far it has been implemented only in WhatsApp on Android, with the rest of platforms yet to come. The implementation however has already made it into unofficial WhatsApp libraries which allow developers to use WhatsApp service in their applications, starting with a python-library called yowsup, and the rest will follow. It's worth mentioning that none of those libraries are supported nor approved by WhatsApp, so one has to wonder if WhatsApp is going to take some legal action (again) against them.

6 of 29 comments (clear)

  1. Oh the irony by OzPeter · · Score: 4, Funny

    The implementation however has already made it into unofficial WhatsApp libraries which allow developers to use WhatsApp service in their applications, starting with a python-library called yowsup, and the rest will follow.

    With the previous story being 2014: The Year We Learned How Vulnerable Third-Party Code Libraries Are

    --
    I am Slashdot. Are you Slashdot as well?
    1. Re:Oh the irony by ganjadude · · Score: 2

      seriously... the very last story was this - http://linux.slashdot.org/stor...

      I mean come on now

      --
      have you seen my sig? there are many others like it but none that are the same
  2. OK by koan · · Score: 3, Interesting

    Whatsapp is owned by Facebook, Facebook can not be trusted, Whispersystems is Moxie Marlinspikes gig, so has Moxie sold out? Possible but not probable so I'm going with "additional code" added to the package once the Facebook Balut's get their slimy claws on it.

    What's a Balut?
    https://en.wikipedia.org/wiki/...

    --
    "If any question why we died, Tell them because our fathers lied."
  3. XMPP by BitZtream · · Score: 5, Insightful

    http://xmpp.org/rfcs/rfc3923.h...

    Seriously, stop using proprietary carpware.

    Its one thing when proprietary offers you some benefit, but when it comes to IM, using anything other than XMPP from someone who supports federation is just as retarded as using email from someone who doesn't do proper SMTP.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    1. Re:XMPP by greenfruitsalad · · Score: 2

      show me a free xmpp server that supports all the necessary XEPs for reliable message delivery on mobile devices. you'll find exactly 0.

      if i remember correctly, only ejabberd caters for mobile users and that is only free for up to 5 users. (the gpl only version does not support all needed extensions)

      even if you manage to find one, try to find a free jabber client that supports those xeps. you'll find exactly 0 (well, you'll find 1 on fdroid, but in play store, it's paid for).

      so you see, at the moment, xmpp is a very poor substitute for whatsapp (with OTR), telegram and the likes.

  4. Re:SubjectsInCommentsAreStupid by Anonymous Coward · · Score: 2, Interesting

    Messages to other users are simply not encrypted