Whatsapp fake encryption

Seems you are NOT a coder my friend.
THere is something called SMAILI code on android that you could recompile )

Here, really are people that do not have idea of coding, thats why forensic research is somehow only for advance or SMART people )

Seems you are NOT a coder my friend.
THere is something called SMAILI code on android that you could recompile )

Sure I am not a coder, so I could not recompile anything anyway, but since I am usually a fast learner ? , can you provide some reference to "SMAILI" code?
Seemingly Google has a momentarily breakdown as it cannot find any reference to it. (

Here, really are people that do not have idea of coding, …

Well, nobody is perfect (seemingly with at least one exception, someone that knows everything and likes to show how other members are inadequate).

… thats why forensic research is somehow only for advance or SMART people )

… of which you allegedly represent an example, I believe? ?

jaclaz

Sure, i will post 3 screen capture during the day.
Even John Mcafee do not post anything yet )

Number 1
http//s32.postimg.org/9cuii5cp1/whatsapp.jpg

Number 2 (Enabling REMOTE callrecording wwowoww)
http//s32.postimg.org/ukqqjcvid/Capture2.jpg

Number3 (disabling REMOTE encryption….. Really funny)
http//s32.postimg.org/4ub7t7hxh/Capture3.jpg

Whatsapp, Viber, Signal, all are CRAP. Zero Security products.
For kids )

As for you Screenshots, can you provide the full source code? Maybe you have found the super secret back door!!

To be fair, you can get the same result by downloading the WhatsApp APK from a less than salubrious site, unzipping it and then using something like 'baksmali' to decompress the relevant dex file.

Quite how you might manage to recompile the source and then remotely compromise a mobile phone to the point where you can, at will, replace various system files without the user or OS noticing is another matter, and one which can't be proven on forums.

But just to be clear; this still doesn't mean WhatsApp encryption is 'fake'. You are instead asking it to decrypt subsequent local data rather than breaking the encryption yourself.

And for the transfer protocol; the creator is confident enough in it's strength that the entire implementation is available for anyone to view on GitHub and so far I don't think there have been any published vulnerabilities.

Either way, the options are
- droopy is withholding information because he/she is lying and doesn't know what they are talking about
- droopy is withholding information because he/she works for a state-level hacking firm

But given his dismissal of Signal (and by extension Moxie, who has fairly impeccable crypto credentials) I personally suspect the former, not the latter.

As for you Screenshots, can you provide the full source code? Maybe you have found the super secret back door!!

To be fair, you can get the same result by downloading the WhatsApp APK from a less than salubrious site, unzipping it and then using something like 'baksmali' to decompress the relevant dex file.

Quite how you might manage to recompile the source and then remotely compromise a mobile phone to the point where you can, at will, replace various system files without the user or OS noticing is another matter, and one which can't be proven on forums.

But just to be clear; this still doesn't mean WhatsApp encryption is 'fake'. You are instead asking it to decrypt subsequent local data rather than breaking the encryption yourself.

And for the transfer protocol; the creator is confident enough in it's strength that the entire implementation is available for anyone to view on GitHub and so far I don't think there have been any published vulnerabilities.

Either way, the options are
- droopy is withholding information because he/she is lying and doesn't know what they are talking about
- droopy is withholding information because he/she works for a state-level hacking firm

But given his dismissal of Signal (and by extension Moxie, who has fairly impeccable crypto credentials) I personally suspect the former, not the latter.

Moxie SIGNAL is the worst security product on planet earth.
Rule 1 NEVER use an encryption software that ASK FOR YOUR REAL PHONE NUMBER for validation. There is something called REMOTE INJECTION or remote vector that with just a number your WHOLE device is compromised ) in 1 second.
See why Apple dont want the system information application to show if device is jailbroken or not… Come on…

Droopy suggestion NEVER give your phone number to anyone )

Security is half encryption half IMPLEMENTATION.
Whatsapp i could detect many bugs on implementation, some exploits and many others, just by checking their source code.
security by obscurity is horrible.

Hmmm. ?

Rule 0 or pre-rule Quod gratis asseritur, gratis negatur
or - if you prefer - Hitchen's Razor applies
https://en.wikipedia.org/wiki/Hitchens's_razor

jaclaz

Moxie SIGNAL is the worst security product on planet earth.
Rule 1 NEVER use an encryption software that ASK FOR YOUR REAL PHONE NUMBER for validation. There is something called REMOTE INJECTION or remote vector that with just a number your WHOLE device is compromised ) in 1 second.
See why Apple dont want the system information application to show if device is jailbroken or not… Come on…

Droopy suggestion NEVER give your phone number to anyone )

So, You want to hide from the NSA or GCHQ? There is no reason, we are the good guys )

As far as I know, only Surespot, does not require user data but, Surespot only supports text messaging, no calling.

Regarding mobile forensics, decrypting Signal (TextSecure) messages, without a password, is not possible. The other option is dictionary attack.

Moxie SIGNAL is the worst security product on planet earth.
Rule 1 NEVER use an encryption software that ASK FOR YOUR REAL PHONE NUMBER for validation. There is something called REMOTE INJECTION or remote vector that with just a number your WHOLE device is compromised ) in 1 second.
See why Apple dont want the system information application to show if device is jailbroken or not… Come on…

Droopy suggestion NEVER give your phone number to anyone )

So, You want to hide from the NSA or GCHQ? There is no reason, we are the good guys )

As far as I know, only Surespot, does not require user data but, Surespot only supports text messaging, no calling.

Regarding mobile forensics, decrypting Signal (TextSecure) messages, without a password, is not possible. The other option is dictionary attack.

Dear Detective, when your device is COMPROMISED, you have total control.
Surespot, signal and ANY "encrypted" software is compromised.
)