Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How can WhatsApp use end-to-end-encryption when sending notifications containing decrypted messages? [duplicate]

I'm not totally sure whether this question can be asked on this forum, so if you think it should be migrated, let me know.

A few days ago, WhatsApp announced that, from now on, they will use end-to-end-encryption to encrypt all conversations and calls and displayed according banners in every chat:

End-to-end-encryption announcement

That actually means that you get an encrypted message from their servers and decrypt it with your own private key that is only stored locally, as WhatsApp is stating:

WhatsApp servers do not have access to the private keys of WhatsApp users.

Now, even for encrypted chats, I've noticed that push notification (on iOS) nonetheless contain the decrypted message, not only the meta information (that person X sent you a message) as usual for end-to-end-encrypted messengers. Since WhatsApp claims, they don't have your private key on their server (which would make end-to-end-encryption totally worthless), there must be a way to locally decrypt (or otherwise process) notifications before delivering them, or WhatsApp would lie about them using end-to-end-encryption.

Now, what I would like to know, is whether there is an option to process iOS notifications before delivering (e.g. receiving the payload with the app running in background, then processing it, and eventually sending a local notification) and if yes, how it can be done. As far as I know, it is not possible, so WhatsApp would lie. What do you know / think ?

like image 732
fredpi Avatar asked Nov 08 '22 17:11

fredpi


1 Answers

There is VoIP background mode which maintains your socket connection online (to WhatsApp server). They can receive message by this socket and then send you the local notification. What do you think? I'm interested in this issue too.

like image 128
Nikita Lieskin Avatar answered Nov 15 '22 06:11

Nikita Lieskin