Comment by londons_explore

Comment by londons_explore 18 hours ago

34 replies

View on Hacker News

I want whatsapp to decrypt the messages in a secure enclave and render the message content to the screen with a secure rendering pipeline, as is done with DRM'ed video.

Compromise of the client side application or OS shouldn't break the security model.

This should be possible with current API's, since each message could if needed simply be a single frame DRM'ed video if no better approach exists (or until a better approach is built).

Retr0id 18 hours ago

Signal uses the DRM APIs to mitigate threats like Microsoft Recall, but it doesn't stop the app itself from reading its own data.

I don't really see how it's possible to mitigate client compromise. You can decrypt stuff on a secure enclave but at some point the client has to pull it out and render it.

Reply View 27 replies
  • bogwog 17 hours ago

    > I don't really see how it's possible to mitigate client compromise

    Easy: pass laws requiring chat providers to implement interoperability standards so that users can bring their own trusted clients. You're still at risk if your recipient is using a compromised client, but that's a problem that you have the power to solve, and it's much easier to convince someone to switch a secure client if they don't have to worry about losing their contacts.

    Reply View 9 replies
    • palata 16 hours ago

      > Easy: pass laws requiring chat providers to implement interoperability standards so that users can bring their own trusted clients.

      In Europe that's called the Digital Markets Act.

      Reply View 7 replies
      • digiown 16 hours ago

        That's not permissionless afaik. "Users" can't really do it. It's frustrating that all these legislations appear to view it as a business problem rather than a private individual's right to communicate securely.

        Reply View 6 replies
    • xvector 17 hours ago

      You seem to think the government wants your messages to be private and would "pass laws" to this effect.

      Methinks you put far too much faith in the government, at least from my understanding of the history of cybersecurity :)

      Reply View 0 replies
  • maqp 11 hours ago

    >I don't really see how it's possible to mitigate client compromise.

    You could of course offload plaintext input and output along with cryptographic operations and key management to separate devices that interact with the networked device unidirectionally over hardware data diodes, that prevent malware from getting in or getting the keys out.

    Throw in some v3 Onion Services for p2p ciphertext routing, and decent ciphersuite and you've successfully made it to at least three watch lists just by reading this. Anyway, here's one I made earlier https://github.com/maqp/tfc

    Reply View 0 replies
  • londons_explore 17 hours ago

    > don't really see how it's possible to mitigate client compromise.

    Think of the way DRM'ed video is played. If the media player application is compromised, the video data is still secure. Thats because the GPU does both the decryption and rendering, and will not let the application read it back.

    Reply View 7 replies
    • gruez 14 hours ago

      That's not what signal's doing though. It's just asking the OS nicely to not capture screen contents. There are secure ways of doing media playback, but that's not what signal's using.

      Reply View 0 replies
    • Retr0id 17 hours ago

      Video decryption+decoding is a well-defined enough problem that you can ship silicon that does it. You can't do the same thing for the UI of a social media app.

      You could put the entire app within TrustZone, but then you're not trusting the app vendor any less than you were before.

      Reply View 3 replies
      • Retr0id 17 hours ago

        Although now I think about it more, you could have APIs for "decrypt this [text/image] with key $id, and render it as a secure overlay at coordinates ($x, $y)"

        Reply View 2 replies
    • pennomi 17 hours ago

      There will always, ALWAYS be the analog hole in security models like this.

      Reply View 1 reply
      • londons_explore 12 hours ago

        It's pretty hard for the government or service provider to snoop through the analog hole unless they have a camera on your forehead...

        Reply View 0 replies
  • willis936 18 hours ago

    By avoiding untrustworthy clients. All Windows devices should be considered compromised after last year.

    Reply View 6 replies
    • Retr0id 18 hours ago

      That's not mitigating client compromise, that's a whole other thing - trying to construct an uncompromiseable client.

      You don't build defense-in-depth by assuming something can't be compromised.

      Reply View 2 replies
      • willis936 18 hours ago

        Clients can always be compromised. I'm not talking about a client that can't be compromised, but simply a client that is not compromised out-of-the-box.

        Reply View 1 reply
        • Retr0id 18 hours ago

          That seems orthogonal to the subject of this discussion, i.e. "Compromise of the client side application or OS shouldn't break the security model."

          Reply View 0 replies
    • cobertos 18 hours ago

      Windows has been sending usage history back to their servers for longer than just last year

      Reply View 0 replies
    • GraemeMeyer 18 hours ago

      Why last year?

      Reply View 1 reply
      • willis936 18 hours ago

        Windows recall, intrusive addition of AI features (is there even a pinky promise that they're not training on user data?), more builtin ads, and less user control (most notably the removal of using the OS without an account - something that makes sense in the context of undisclosed theft of private information).

        This was 2025. I'm excited for what 2026 will bring. Things are moving fast indeed.

        Reply View 0 replies
  • HumblyTossed 18 hours ago

    This. The gap in E2E is the point at which I type in clear text and the point at which I read clear text. Those can be exploited.

    Reply View 0 replies
rsync 15 hours ago

“I want whatsapp to decrypt the messages in a secure enclave and render the message content to the screen with a secure rendering pipeline, as is done with DRM'ed video.“

If you are sophisticated enough to understand, and want, these things (and I believe that you are) …

… then why would you want to use WhatsApp in the first place?

Reply View 1 reply
  • londons_explore 12 hours ago

    Because my goal isn't to have my communication secure - but to have everyone's communication secure.

    And the network effect of whatsapp (3 billion users) seems currently the best route to that.

    Reply View 0 replies
OtherShrezzing 18 hours ago

This is what a layman would assume happens from Meta’s WhatsApp advertising. They show the e2e process, and have the message entirely unreadable by anyone but the phone owner.

Reply View 3 replies
  • kevin_thibedeau 18 hours ago

    e2e means unreadable by a middleman. That is a small inconvenience if you can readily compromise an endpoint.

    Reply View 2 replies
    • Almondsetat 18 hours ago

      People keep talking about e2ee as if it was some brain-to-brain encoding that truly allowed only the recipient person to decrypt the message

      Reply View 1 reply
      • dijit 17 hours ago

        because it used to be that the ends and the middlemen were different entities.

        In the universe where they are the same entity (walled-gardens) there is only the middleman.

        In such cases you either trust them or you don’t, anything more is not required because they can compromise their own endpoints in a way you can not detect.

        Reply View 0 replies