Billions tap out messages on WhatsApp every day. They trust the blue ticks and the lock icon. The company says only the sender and receiver can read them. End-to-end encryption, they call it. Yet a Medium essay by security researcher Adrian Găitan argues the promise amounts to one of the largest deceptions in consumer technology. He backs the charge with calculations that expose how weak links collapse the entire system.
Găitan’s piece, published on Medium, focuses less on breaking the Signal Protocol itself and more on the architecture around it. The protocol’s X3DH handshake offers a keyspace of roughly 2^2256 possibilities. Brute force at one quintillion guesses per second would take longer than the observable universe has existed. The Double Ratchet then generates fresh keys for each message. Compromise one key and past or future ones stay safe. The math holds.
But users rarely rely on that math alone. They back up chats to the cloud. An eight-character password delivers perhaps 34 bits of entropy. Attackers crack that in seconds on a modest GPU cluster. The security drop from 256 bits to roughly 41 bits represents a factor of more than 10^64. That number exceeds the count of atoms in the observable universe. One weak password and the conversation history spills.
Group chats compound the risk. Research from Ruhr University Bochum in 2017 and later confirmation by King’s College London researchers at Eurocrypt 2025 shows WhatsApp fails membership integrity. The server can inject participants without cryptographic proof from all members. Probability of exposure in a group of ten approaches certainty if any single user stores an unencrypted backup. Signal demands signed membership changes verified by private keys. WhatsApp does not.
And then there is metadata. Timestamps, IP addresses, contact graphs and message patterns travel outside the encrypted tunnel. The FBI obtained near-real-time metadata from WhatsApp every fifteen minutes in certain cases, according to a 2021 document secured by Rolling Stone. Signal hands over far less. Former NSA director Michael Hayden once said agencies “kill people based on metadata.” A Stanford study cited by Găitan showed Bayesian inference from metadata alone could predict medical conditions with 94 percent confidence.
These architectural choices matter because WhatsApp remains closed source. Independent experts cannot audit the binary at scale. The Electronic Frontier Foundation’s scorecard gave it six out of seven possible points but docked marks for lack of open code review. Reverse engineering of past APKs has occurred. No smoking-gun backdoor has surfaced in public analysis. Still the absence of proof does not equal proof of absence when the user base exceeds three billion.
Events in early 2026 turned academic critique into courtroom drama. A class-action lawsuit filed in San Francisco federal court by the firm Quinn Emanuel alleged that Meta employees, contractors at Accenture and possibly others could request access to any user’s messages through an internal system. Whistleblowers claimed near-real-time viewing without extra decryption steps. The suit cited no direct cryptographic proof. It leaned on anonymous accounts and patterns of behavior.
Cryptography engineer Matthew Green dissected the claims in a February post on his blog. “If WhatsApp did this, they (1) would get caught, (2) the evidence would almost certainly be visible in WhatsApp’s application code,” he wrote. Green, who has reviewed similar systems for years, called the lawsuit’s core allegation of universal content access implausible at scale without detection. He noted that loopholes exist. Backups, business accounts, Meta AI features that process some messages outside full encryption and metadata sharing all weaken privacy. None of them match the complaint’s description of a deliberate, blanket bypass of the Signal Protocol.
Yet the noise grew. Elon Musk and Telegram founder Pavel Durov amplified the story on X. Both run competing services. Bloomberg reported that the U.S. Department of Commerce’s Bureau of Industry and Security had opened an investigation nicknamed “Operation Sourced Encryption.” Agents examined claims from former Meta contractors that personnel enjoyed “unfettered” access. An internal email from a special agent in July 2025 described Meta’s ability to view messages with “no limit to the type.”
By late April the probe closed abruptly. Two people familiar with the matter told Bloomberg the inquiry ended without public explanation. Meta called the original allegations “patently false.” Company spokespeople have repeated for years that WhatsApp cannot provide message content to law enforcement because the keys never touch its servers. Its transparency reports and security white paper emphasize the Signal Protocol’s role.
Then Texas Attorney General Ken Paxton filed suit in May. The complaint accused Meta of deceiving users since at least 2016 by claiming messages remain inaccessible even to the company. It quoted Mark Zuckerberg’s 2018 congressional testimony that Meta sees no WhatsApp content. “The gravity of Meta’s and WhatsApp’s violation of users’ privacy and trust cannot be overstated,” the filing stated. Evidence again traced primarily to the earlier Bloomberg reporting on the federal inquiry. No independent technical exhibits accompanied the petition.
Experts greeted the Texas action with skepticism. Cryptographer Kenny Paterson called most of it “general dung-throwing.” Matthew Green reiterated that the WhatsApp clients sit available for reverse engineering. A 2025 analysis by researchers including those from King’s College London found a group-chat design flaw but “points towards WhatsApp providing users with end-to-end encryption for their message contents.” They saw no concrete evidence of broken promises on content. The Texas suit remains active. Meta has vowed to contest it vigorously.
So where does this leave the math? The protocol resists direct attack. Găitan never claims otherwise. His proof instead demonstrates how real-world implementation choices erode the theoretical strength. Cloud backups with guessable passwords. Server-controlled group membership. Metadata pipelines that paint detailed behavioral portraits. Closed binaries that resist mass audit. Each element stands separate from the core encryption math yet together they shape what users actually experience.
WhatsApp does warn users about backups. It offers end-to-end encrypted backup as an option. Most skip the extra steps. Business accounts operate under different rules. Meta AI features pull selected chats for processing under privacy safeguards the company describes as secure enclaves. None of these details appear in the simple marketing messages that dominate app-store descriptions and television ads.
Older vulnerabilities add color. The 2019 CVE-2019-3568 buffer overflow in WhatsApp’s VoIP stack earned a CVSS score of 9.8. No user interaction was required. NSO Group’s Pegasus spyware exploited it to infect more than 1,400 devices. Court records later held the Israeli firm liable. The flaw sat in the implementation layer, not the Signal math. It showed how a single coding error can hand nation-state actors full device access.
ProPublica and others have documented law-enforcement pressure on Meta to expand data sharing. The company publishes transparency numbers on government requests. It maintains that content stays unavailable. Metadata flows more freely. Daniel Kahn Gillmor of the ACLU once observed that the volume of information WhatsApp provides can devastate sources speaking to journalists.
Users now face a layered decision. The encryption between devices works when both run current software, backups stay disabled or strongly protected, and groups remain small and trusted. Deviate from that narrow path and protections fray. Switch to Signal and the default settings tighten. Metadata collection shrinks. Code is open for review. The trade-off arrives in network effects. Everyone already sits on WhatsApp.
Regulators on both sides of the Atlantic continue to circle. European proposals for chat-scanning tools have sparked fierce debate over mandatory client-side scanning. Australian and U.K. officials have pressed for exceptional access mechanisms. Each demand tests the boundary between user privacy and public safety. No resolution has stuck.
The Medium essay and subsequent lawsuits will not end the conversation. They highlight a persistent gap between advertised security and delivered guarantees. Cryptographers such as Green argue that extraordinary claims of total access require extraordinary evidence. So far that evidence has not materialized in public technical form. The calculations, the research papers and the court filings nevertheless force a sharper look at what end-to-end encryption truly means when one company controls the client, the servers and the defaults.
Billions of conversations continue. The lock icon stays. The questions accumulate.
Discover more from Web and IT News
Subscribe to get the latest posts sent to your email.