I would like an article in the form of a creative blogpost with the following title: “Debunking the Illusion of WhatsApp's Transparent Encryption” The article
should focus on WhatsApp end-to-end encryption and how secure it really is?
Please cover the following points:
- Whatsapp’s end to end encryption protocol
- Whatsapp’s new release of key transparency: each person who wants to talk to another will have a hash in the server transparent to everyone, however, the
server is managed by WhatsApp or third trust party so how could we trust these two entities? - Whatsapp security issues: if the user is offline, the user downloads the public key of the person they will talk to from the WhatsApp server with a new
session key; however, how could we trust WhatsApp to give us the correct key and not intercept between the two users? Another aspect of key transparency,
in which WhatsApp leads us to be believe each user has a QR code, if its the same then there is no interception, but WhatsApp generates the QR code so how
can we trust that we’re given the correct information? Also cover the following point from this article https://medium.com/asecuritysite-when-bob-metalice/well-done-to-whatsapp-in-taking-security-seriously-key-transparency-2d56bce47396 The blogpost talks about "Eve-in-the-middle-attack" but in reality
whatsapp is EVE as it can intercept all of our messages in the same way that its is describing "EVE". Please highlight this issue as this proves that its not
E2EE. - Mention possible solutions to end to end encryption using matrix explaining what it is and how it will address WhatsApp security issues. Matrix allows u to
run your own server or choose ur trusted server; however, to a normal user this solution is not efficient as the user doesn’t know who to trust.
Please try to relate all the points in a coherent manner, feel free to get creative with narrating the blogpost. Please don’t make the points general rather give
specific arguments