That only works in transport if the connection is not pinned. I don't know if th... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		nickik on May 4, 2016 \| parent \| context \| favorite \| on: WhatsApp is back online in Brazil That only works in transport if the connection is not pinned. I don't know if they do pin, but they should. If they pin then the NSA would have to actually have access to the data center and doing that much without getting noticed is quite hard.

deleted_soon on May 4, 2016 [–]

True, but I bet that the NSA could force WhatsApp to issue certificates for fake keys. Obviously can't do that without being noticed, but they could still use it to spy on specific users if they wanted.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact