I live in Canada. My girlfriend is Chinese (also living in Canada), and while we are able to communicate via SMS, her mobile carrier isn’t the best, and so there have often been issues for us with regular texting. She expressed a strong preference to use WeChat, at least as a backup option for when texting fails us. While I have some pretty significant reservations, it’s not the hill I want to die on. So my question is: what can be done to use WeChat without compromising my whole phone? I’m okay with it if our conversations aren’t private, but I’d like to know that I’m not giving unfettered access to all of my phone’s systems and data to the CCP. What can be done to limit the reach of this ubiquitous app on my device?

  • viking@infosec.pub
    link
    fedilink
    arrow-up
    15
    arrow-down
    1
    ·
    7 months ago

    Whatsapp uses end to end encryption and is far from as intrusive as wechat.

      • viking@infosec.pub
        link
        fedilink
        arrow-up
        10
        ·
        7 months ago

        Nah it’s rather easy to do and has been done by security experts. If your phone is a rooted android, you can do it yourself using PCAPdroid, it’s basically a network logger that allows to install a trusted certificate as a local proxy and go man in the middle on yourself. That way you can decrypt the https traffic between your phone and the whatsapp server.

    • umbrella
      link
      fedilink
      arrow-up
      6
      arrow-down
      4
      ·
      7 months ago

      whatsapp is certainly backdoored, its closed source and unverifiable.

        • umbrella
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          edit-2
          7 months ago

          my claim is completely open, unlike whatsapp