After the recent expose of how WhatsApp uses a static key for emcrypting chat messages, the messaging service put up a blogpost, Setting the record straight, to re-assure users that they care about privacy. Apparently miffed at the bold claim, Nadim Kobeissi, a cryptographer, went ahead to publish the static AES key to decrypt all WhatsApp chats:
WhatsApp cares about privacy, so here's the AES key to decrypt all WhatsApp chats. 8D4B155CC9FF81E5CBF6FA7819366A3EC621A656416CD793 #Woops
— Nadim Kobeissi (@kaepora) March 17, 2014
Here’s the whole deal in English: WhatsApp uses a static key to encrypt backed up messages – same key for everyone. This means that once you have the key, you can decrypt anyone else’s WhatsApp message. Imagine if your house key was same as everyone else’s house keys.
Anyway, the gauntlet has been thrown. The real question is, “How many WhatsApp users really care?”