> Are people publicly archiving, reverse engineering, and auditing every single version of Whatsapp?

Absolutely for archiving: https://androidapks.com/whatsapp-messenger/com-whatsapp/old/

Reverse engineering to some extent as well – it's an extremely popular app, and as such attracts both security researchers and bloggers that just want to get scoops on new features behind feature flags etc.

> Would you even know if you got a special copy of Whatsapp (still signed by Meta and valid) that has this explicit code?

Given the above, it's feasible – at least on Android, it's fairly easy to hash the .apk you've received and compare it to publicly know versions.

The threat of somebody finding unusual code on their phone will probably not deter targeted deploys by sophisticated/state level actors to specific users, but it goes some way towards making it implausible that everybody is running a backdoored version, potentially backdoored by Meta themselves, which is arguably the goal.

That would require explicit code to do so, which would probably be extremely hard to explain away.

Definitely, but they don't have to contain any (plaintext) message content for encrypted messengers.

On Android, push notifications were always processed by the receiving app, so it can just decrypt a payload directly (or download new messages from the server and decrypt these); on iOS, this isn't as reliable (e.g. swiping the app out of the app switcher used to break it in several iOS versions), but "VoIP notifications" and the newer "message decryption extension" [1] are.

The same principle applies to Web Push – I believe end-to-end encryption is even mandatory there.

[1] https://developer.apple.com/documentation/usernotifications/...

Lots of largely baseless speculation here about WhatsApp MITMing end-to-end encrypted chats and other hypotheticals, when the most likely government access path is right there in the open:

WhatsApp heavily nudges users into backing up their chats to iCloud or Google Drive. These backups are, by default, unencrypted (or at least encrypted using a key known to Meta). And most users just use the defaults.

It's exactly the same story with iMessage: If "iCloud Backup" and "iMessage in the cloud" are activated (again, Apple nudges users into these by default), all received messages get uploaded to Apple using a key available to Apple, unless "Advanced Data Protection" is also enabled (decidedly not the default).

Users can deviate from these defaults (and both parties to a conversation need to, for the conversation to actually be private!), but they can already also just use Signal if sufficiently motivated.

Yes, but users can compare fingerprints (sure, most probably don't, but it's definitely a deterrence against MITMing all conversations by default), receive warnings whenever fingerprints change etc.

There's also supposedly a key transparency service deployed (similar to Certificate Transparency), but I haven't looked into that in detail.