Security is not an absolute. No tool will give you that. However, what the security community considers a threshold for any product is transparency and disclosure of vulnerabilities. This allows an iterated security path. What worries me about today's Guardian article on WhatsApp is not that there is a crypto blindspot but that the security researcher claims to have informed WhatsApp security team back in April 2016 (responsible disclosure) but the parent company, Facebook, did not consider patching it a priority: "Boelter reported the backdoor vulnerability to Facebook in April 2016, but was told that Facebook was aware of the issue, that it was “expected behaviour” and wasn’t being actively worked on. The Guardian has verified the backdoor still exists." That is my real concern. On 13/01/2017 19:00, kictanet-request@lists.kictanet.or.ke wrote:

Send kictanet mailing list submissions to kictanet@lists.kictanet.or.ke

To subscribe or unsubscribe via the World Wide Web, visit https://lists.kictanet.or.ke/mailman/listinfo/kictanet or, via email, send a message with subject or body 'help' to kictanet-request@lists.kictanet.or.ke

You can reach the person managing the list at kictanet-owner@lists.kictanet.or.ke

When replying, please edit your Subject line so it is more specific than "Re: Contents of kictanet digest..."

Today's Topics:

1. Re: CA Speaks to Internet Shutdowns and "Monitoring" of Online Comms (Nanjira Sambuli) 2. Re: CA Speaks to Internet Shutdowns and "Monitoring" of Online Comms (Keith Andere)

_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet

-- Moses Karanja www.moseskaranja.com/blog