ItsBob a day ago

> Even though they can't read your messages

I've long wondered if this is actually true.

If I have a closed-source app and claim (and can verify!) E2EE, surely I could still read every message from my closed-source app, within the app itself, and you'd never know.

I've never been a mobile app developer, but I've been a desktop and web developer since the 90s, so I don't know what apps can and cannot see, but in a desktop app or web app, if it's on the screen, it's decrypted and I can put code in to read/steal it.

Am I missing something here?

floralhangnail a day ago

At about 2:33:15 here, Zuckerberg somewhat alludes that Meta can take screenshots of WhatsApp messages.

https://youtu.be/7k1ehaE0bdU?t=9189

ItsBob 41 minutes ago

Does it even need to be screenshots?

Surely when I open up a chat in WhatsApp it would be as easy as doing a foreach on every msgElement.text value on screen and copying it to the mothership in plain text. After all, when I am reading them, they're decrypted.

Or, when I send a message, as soon as I press the "Send" button, send a copy to the mothership.

Perhaps I'm not seeing it right but it must be this simple. Right?

At least with an open source app you can inspect the "Send" code and see if it calls "SendToMothership" when it also calls "SendToRecipient".

nothrabannosir 12 hours ago

What I got from your comment and from that interview were very different. He starts that bit with “when I text you on WhatsApp”. The “we” refers to Mark and Joe (Alice and Bob), not Meta (Eve).

robertlagrant a day ago

It's true in a sense - using an iPhone or an Android phone, Apple/Google could be streaming your screen contents constantly, so even e2ee wouldn't help.

I just don't know if that is actually true, or if Meta doing e2ee and then pinging your messages around from the app after they're delivered is true. I've no reason to believe either is.