And if so, why exactly? It says it’s end-to-end encrypted. The metadata isn’t. But what is metadata and is it bad that it’s not? Are there any other problematic things?
I think I have a few answers for these questions, but I was wondering if anyone else has good answers/explanations/links to share where I can inform myself more.
E2E is not equal to Symmetric Encryption, which is the most private “one way” encryption meaning the user controls the data at the origin, and the messages can’t be decrypted by anyone else.
WhatsApp is not the latter, so it is not private. Signal is symmetric, for example.
Care to elaborate? You can’t just imply asymmetric encryption can be decrypted by 3rd parties and not explain how.
Also I don’t know how exactly signal works but I know that you don’t need to share secrets externally to message someone, so how are they exchanging the symmetric keys without using asymmetric encryption to boot?