A few days ago, an old "vulnerability" of WhatsApp re-appeared in the media. The Guardian published this article calling the vulnerability a "backdoor". The article cites these findings of Tobias Boelter, a security researcher at UC Berkley.
The "vulnerability" is that WhatsApp automatically retransmits messages that have not been received by a client after that receiver changes encryption keys. The receiver is not notified of the key change and the sender is only notified if they switch on an option (which is disabled by default) buried deep in the account settings.
After a rather general response from Facebook/WhatsApp ("We do not have a backdoor"), Open Whisper Systems, the maker of the Signal protocol that powers WhatsApps E2E encryption, now responded directly to the article in this blog post. Both are essentially claiming that this is not a vulnerability but a UX issue (whether or not to prominently notify the user of the change of encryption keys). Tobias Boelter again responded in this blog article, saying that it is a vulnerability that would allow an attacker to "wiretap targeted conversations".
My question is: What does a real-life attack look like that would exploit this vulnerability?
I firmly believe that very few people actually dig three levels deep into the WhatsApp settings to enable the security notifications, so let's assume that most people could be attacked without seeing the warning about a change in cryptographic keys. How, then, could a motivated attacker take over Alice's end of a WhatsApp conversation without Bob noticing?
It seems this would require the attacker to temporarily block Alice's access to WhatsApp (putting her offline, leaving Bob's messages undelivered) and then take over her WhatsApp account (how?). As long as the attacker could thereafter impersonate Alice reasonably well, Bob - not being shown a warning about the key change - would then believe he's still communicating with Alice.