Okay I'm probably going to get flak for this but...

WhatsApp chats are apparently e2e secure. Except when you back them up, right? Why not, when you create a backup (iCloud, google drive, whatever), have the app generate a password protected key pair and use that to encrypt/decrypt the backup?

When restoring the backup, use the password you set for the key et voila! While at rest, that backup is still encrypted.

Or have I missed something completely?

  • 0
    I don't follow.

    You're taking the messages out from the app, so it's quite obvious you'd want them in plaintext. You can always throw your own crypto on there with something as simple as 7zip before you upload them.
  • 0
    @Froot I'm talking specifically about WhatsApp's backup feature that lets you restore your media and conversations on a new device. Not to use it outside of the app. When you do a backup in the app they warn you it's not encrypted in iCloud so I'm wondering why they can't just generate a key on backup.
Add Comment