US reportedly investigate claims that Meta can read encrypted WhatsApp messages
by echelon_musk on 1/31/2026, 1:27:23 PM
Comments
by: cosmicgadget
> “We look forward to moving forward with those claims and note WhatsApp’s denials have all been carefully worded in a way that stops short of denying the central allegation in the complaint – that Meta has the ability to read WhatsApp messages, regardless of its claims about end-to-end encryption.”<p>My money is on the chats being end to end encrypted and separately uploaded to Facebook.
1/31/2026, 3:38:00 PM
by: oncallthrow
This should surprise nobody. Do you really think that the intelligence agencies of the US etc would allow mainstream E2E encryption? Please stop being so naive
1/31/2026, 4:25:05 PM
by: Ms-J
Who do they expect to fall for the claims that a Facebook owned messenger couldn't read your "encrypted" messages? It's truly funny.<p>Any large scale provider with headquarters in the USA will be subject to backdoors and information sharing with the government when they want to read or know what you are doing.
1/31/2026, 3:07:10 PM
by: modeless
Meanwhile Apple has always been able to read encrypted iMessage messages and everyone decided to ignore that fact. <a href="https://james.darpinian.com/blog/apple-imessage-encryption" rel="nofollow">https://james.darpinian.com/blog/apple-imessage-encryption</a>
1/31/2026, 4:21:31 PM
by: renegade-otter
Anyone trusting Facebook to follow basic human decency and, yes, laws, is a fool.
1/31/2026, 3:43:00 PM
by: mrtksn
I wonder how these investigations go? Are they just asking them if it is true? Are they working with IT specialist to technically analyze the apps? Are they requesting the source code that can be demonstrated to be the same one that runs on the user devices and then analyze that code?
1/31/2026, 3:00:18 PM
by: nindalf
This reads like a nothingburger. Couple of quotes from the article:<p>> the idea that WhatsApp can selectively and retroactively access the content of [end-to-end encrypted] individual chats is a mathematical impossibility<p>> Steven Murdoch, professor of security engineering at UCL, said the lawsuit was “a bit strange”. “It seems to be going mostly on whistleblowers, and we don’t know much about them or their credibility,” he said. “I would be very surprised if what they are claiming is actually true.”<p>No one apart from the firm filing the lawsuit is actually supporting this claim. A lot of people in this thread seem very confident that it's true, and I'm not sure what precisely makes them so confident.
1/31/2026, 4:19:25 PM
by: londons_explore
I want whatsapp to decrypt the messages in a secure enclave and render the message content to the screen with a secure rendering pipeline, as is done with DRM'ed video.<p>Compromise of the client side application or OS shouldn't break the security model.<p>This should be possible with current API's, since each message could if needed simply be a single frame DRM'ed video if no better approach exists (or until a better approach is built).
1/31/2026, 3:14:08 PM
by: miohtama
Both things cannot be true at the same time<p>- WhatsApp encryption is broken<p>- EU's and UK's Chat Control spooks demand Meta to insert backdoor because they cannot break the encryption<p>The Guardian has its own editorial flavour on tech news, so expect them to use any excuse to bash the subject.
1/31/2026, 3:34:50 PM
by: calibas
It's vulnerable to man-in-the-middle attacks, and the man-in-the-middle happens to be Meta.<p>The tricky part would be doing it and not getting caught though.
1/31/2026, 3:38:26 PM
by: oefrha
I always assumed Meta has backdoor that at least allows them to compromise key individuals if men in black ask, but law firm representing NSO courageously defending the people? Come the fuck on.<p>> Our colleagues’ defence of NSO on appeal has nothing to do with the facts disclosed to us and which form the basis of the lawsuit we brought for worldwide WhatsApp users.
1/31/2026, 3:42:22 PM
by: david_allison
It was my understanding that the backups are unencrypted. Is that still the case?
1/31/2026, 3:09:04 PM
by: timpera
Lots of uninformed conspiratorial comments with zero proof in here, but I'd really like WhatsApp to get their encryption audited by a reliable, independent 3rd party.
1/31/2026, 4:05:07 PM
by: kachapopopow
yes, this is a very known fact that it is not E2EE but Client2Server Encrypted. Otherwise your message history wouldn't work.
1/31/2026, 3:58:12 PM
by: oldestofsports
Surprised pikachu face
1/31/2026, 3:38:28 PM
by: jijji
if anybody believes that Facebook would allow people to send a totally encrypted message to somebody, they're out of their mind. they're pretty much in bed with law enforcement at this point. I mean I don't know how many people have been killed in Saudi Arabia this year for writing Facebook messages to each other that were against what the government wanted but it's probably a large number.
1/31/2026, 3:56:13 PM
by: znpy
I always assumed this to be true, to be honest.<p>Nowadays all of the messaging pipeline on my phone is closed source and proprietary, and thus unverifiable at all.<p>The iPhone operating system is closed, the runtime is closed, the whatsapp client is closed, the protocol is closed… hard to believe any claim.<p>And i know that somebody’s gonna bring up the alleged e2e encryption… a client in control of somebody else might just leak the encryption keys from one end of the chat.<p>Closed systems that do not support third party clients that connect through open protocols should ALWAYS be assumed to be insecure.
1/31/2026, 3:23:31 PM
by: AndrewKemendo
If your personal threat model at this point is not literally:<p>“everything I ever do can be used against me in court”<p>…then you are not up-to-date with the latest state of society<p>Privacy is the most relevant when you are in a position where that information is the difference between your life or your death<p>The average person going through their average day breaks dozens of laws because the world is a Kafkaesque surveillance capitalist society.<p>The amount of information that exists about there average consumer is so unbelievably godly such that any litigator could make an argument against nearly any human on the planet that they are in violation of something if there is enough pressure<p>If you think you’re safe in this society because you “don’t do anything wrong“ then you’re compromised and don’t even realize it
1/31/2026, 3:55:26 PM
by: alex1138
Zuck didn't buy it in good faith. It wasn't "we'll grow you big by using our resources but be absolutely faithful to the privacy terms you dictate". Evidence: Brian Acton very publically telling people that they (Zuck, possibly Sandberg) reneged<p>Zuck thinks we're "dumb fucks". That's his internet legacy. Copying products, buying them up, wiping out competition
1/31/2026, 4:03:39 PM
by: josefrichter
I am not into conspiracy theories, but I find it very unlikely that our governments can’t read all our messages across platforms.
1/31/2026, 3:31:44 PM
by: ralusek
I mean at the very least if their clients can read it then they can at least read it through their clients, right? And if their clients can read it’ll be because of some private key stored on the client device that they must be able to access, so they could always get that. And this is just assuming that they’ve been transparent about how it’s built, they could just have backdoors on their end.
1/31/2026, 2:38:34 PM
by: xvector
What even are these low effort, uninformed conspiratorial comments saturating the comment section?<p>Sure, Meta can obviously read encrypted messages in certain scenarios:<p>- you report a chat (you're just uploading the plaintext)<p>- you turn on their AI bot (inference runs on their GPUs)<p>Otherwise they cannot read anything. The app uses the same encryption protocol as Signal and it's been extensively reverse engineered. Hell, they worked with Moxie's team to get this done (<a href="https://signal.org/blog/whatsapp-complete/" rel="nofollow">https://signal.org/blog/whatsapp-complete/</a>).<p>The burden of proof is on anyone that claims Meta bypassing encryption is "obviously the case."<p>I am really tired of HN devolving into angry uninformed hot takes and quips.
1/31/2026, 3:53:14 PM