Comment by solenoid0937

Comment by solenoid0937 17 hours ago

I don't see why standard RE techniques (DBI/Frida + MITM) wouldn't work, do you?

WhatsApp is constantly RE'd because it'd be incredibly valuable to discover gaps in its security posture, the community would find any exfil here.

We did reverse engineer it and we're cryptographers not reverse engineering experts https://eprint.iacr.org/2025/794

[removed] 17 hours ago

[deleted]

Reply View | 0 replies
solenoid0937 17 hours ago

Cool paper, thanks for sharing!

Reply View | 0 replies

cosmicgadget 17 hours ago

If people are trivially hooking IOS and Android applications then sure, it's just an exercise in dynamic analysis.

Mobile applications are outside my domain so I am surprised platform security (SEL, attestation, etc.) has been so easily defeated.