Beyond End-to-End Encryption: Threat Models for Secure Messaging

Explore the evolving threat landscape for secure messaging applications in this 44-minute conference talk from AppSecUSA 2017. Delve into advanced attack models that go beyond traditional man-in-the-middle scenarios, examining real-world vulnerabilities and attacks on popular communication platforms. Learn about attacker capabilities, potential effects of successful breaches, and emerging challenges in secure communication. Gain insights into specific cases like Telegram account hijacking, encrypted message language detection, VoIP content recovery, and protocol weaknesses in services like WhatsApp and iMessage. Understand the implications of quantum computing on privacy and discover browser-based attack vectors affecting widely-used messaging apps.