I've also noticed this, but in my experience, Bob's phone will also show a notification that Alice's "security code has changed" right before re-transmitting the "lol" message. Does this notification appear for you?
I agree however that this re-transmission should not be automatic.

Nadim (sent from ThinkPad)

________________________________________
From: Messaging <[email protected]> on behalf of Jason A. Donenfeld <[email protected]>
Sent: Thursday, June 9, 2016 10:26:52 PM
To: [email protected]
Subject: [messaging] The downsides of no key verification

Hi folks,

WhatsApp doesn't enforce any key verification, as we all know. I'm not sure, however, that this behavior is well-known:

1. Alice and Bob converse over WhatsApp.
2. Alice drops her phone in a swimming pool.
3. Bob sends Alice a message, "lol looks like your phone went swimming", which she doesn't receive, since her phone is now broken.
4. While Alice is drying off after the swim, Malory registers a new instance (and thus new key) of WhatsApp and registers it with Alice's number by hanging out on SS7 to intercept the SMS verification.
5. Bob's phone now automatically and invisibly *retransmits* and *reencrypts* the "lol" message to Malory's new unauthenticated keys.

Perhaps the retransmission in step 5 isn't a very good idea.

Jason

_______________________________________________
Messaging mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/messaging
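An added illustration of the policy difference the thread is about, not code from either poster or from WhatsApp: a toy sender-side queue in which the automatic policy silently re-encrypts an undelivered message to a key that appeared after the message was composed, while a hold-and-notify policy freezes the queue and releases it only after the user acts. All names, key identifiers and the queue model are constructed for the example.

```python
from dataclasses import dataclass, field
from typing import List, Tuple

# Constructed toy model of a sender-side session with an outbound queue; not WhatsApp's code.
# "Encryption" is simulated: a ciphertext is the pair (key_id it was encrypted to, text).
@dataclass
class Session:
    peer_key_id: str                      # identity key currently believed to be the peer's
    pending: List[Tuple[str, str]] = field(default_factory=list)  # (key_id, text) not yet delivered
    held: bool = False                    # hardened policy: queue frozen until the user acts

def enqueue(s: Session, text: str) -> None:
    """Encrypt to the current peer key and queue for delivery (Bob's "lol" in step 3)."""
    s.pending.append((s.peer_key_id, text))

def key_change_auto(s: Session, new_key_id: str) -> None:
    """Step 5 as described in the thread: re-encrypt every queued message to the new,
    unverified key with no user involvement."""
    s.peer_key_id = new_key_id
    s.pending = [(new_key_id, text) for _, text in s.pending]

def key_change_hold(s: Session, new_key_id: str) -> str:
    """Hardened variant: record the new key but freeze delivery of anything already
    encrypted to the old key until the user has verified the new key."""
    s.peer_key_id = new_key_id
    s.held = True
    return f"security code changed; {len(s.pending)} queued message(s) held pending verification"

def user_confirms_new_key(s: Session) -> None:
    """Only after an explicit decision are held messages re-encrypted and released."""
    s.pending = [(s.peer_key_id, text) for _, text in s.pending]
    s.held = False

def flush(s: Session) -> List[Tuple[str, str]]:
    """Deliver whatever the policy allows; returns the (key_id, text) pairs leaving the device."""
    if s.held:
        return []
    out, s.pending = s.pending, []
    return out

def scenario(auto_retransmit: bool) -> List[Tuple[str, str]]:
    """Replay the thread's steps 3-5 and return what reaches the key registered in step 4."""
    bob = Session(peer_key_id="alice-key-1")
    enqueue(bob, "lol looks like your phone went swimming")   # step 3: never delivered
    if auto_retransmit:
        key_change_auto(bob, "unverified-key-2")              # step 5, automatic policy
    else:
        key_change_hold(bob, "unverified-key-2")              # hardened policy
    return [m for m in flush(bob) if m[0] == "unverified-key-2"]
```

With the automatic policy `scenario(True)` shows the queued text leaving the device under the never-verified key; with the hold policy nothing leaves until `user_confirms_new_key` is called.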
