trash
23
@Helix@feddit.de
link
818d

Why did you link to the t/reddit thread which links a gizmodo rehash of an article and not the original article by ProPublica itself?

How Facebook Undermines Privacy Protections for Its 2 Billion WhatsApp Users

Incidentally, we already have a thread and a discussion about this: https://feddit.de/post/983?scrollToComments=true

@shortcakefediverse
creator
link
1
edit-2
12d

deleted by creator

@peppermint
link
4
edit-2
18d

An average reddit user is a teenager quoting their parents and their classmates, who quote their parents. For this reason they haven’t learnt to fact-check or they don’t care about security implications. Reddit, on the other hand, does not encourage discussion, it encourages orchestrated waves of upvotes, which is how it competes with other forms of advertisement and mass-media. I think r//privacy has much more quality than many other subs, but it shouldn’t surprise you nonetheless.

I haven’t fact-checked their market strategy or statistics, that’s just my guess. WhatsApp private messages have been brought up in the court of law many and many times, hoping it is secure seems rather naive to me.

AceKat
link
5
edit-2
15d

The problem is that you can’t fact-check a closed source application. They use encryption? Yeah, right, I could monitor outgoing traffic to check if they really are, but how could I even know that the encryption keys are stored safely? Besides backups on google drive are unencrypted, so every effort in encrypting messages end-to-end just for eavedroppers is useless, since they are already protected by TLS. I’ve deactivated gdrive backups and every now and then it shows me a prompt to enable it again, I can bet that the great majority of non tech-savvy people have them enabled. This isn’t a question of fact-checking or reddit teenagers, we only speculate about WhatsApp e2ee, but knowing FaceBook I don’t think there is much doubt about the reason they run a free “encrypted” service for hundreds of million of users.

@peppermint
link
017d

You probably do not know if they are stored safely. And no-one forbids the shadow user attack. At least WhatsApp doesn’t censor me like FB messenger does, it just quietly sits there until I admit to breaking the law,

@shortcakefediverse
creator
link
1
edit-2
12d

deleted by creator

@Jojonintendo
link
5
edit-2
8d

deleted by creator

@shortcakefediverse
creator
link
1
edit-2
12d

deleted by creator

@shortcakefediverse
creator
link
1
edit-2
12d

deleted by creator

GadgeteerZA
link
317d

Well only if one of the parties reports the content. That would go for any social network, like even a Signal user making a screenshot. The issue really is the end point.

@KLISHDFSDF
link
017d

I would say the issue is that they built a snitching system into their app - much like Apple’s CSAM government scanning function, the outrage isn’t what can be done now, but what can much more easily be done in the future.

There’s now a function within Whatsapp to automatically - and without letting the other party know - that their data is being sent to “big brother” - the end goal doesn’t matter. How much longer before the government asks them to create a hash of known “key words” to automatically scan your messages - client side of course, don’t want to break E2EE /s - and automatically snitch on you if it finds something they don’t like?

The problem with their system is that it only works in theory. In practice, government is power hungry and will whittle away until they get what they want - so why help them in the process?

GadgeteerZA
link
117d

You’re confusing two issues here. Apple has access to the iCloud data (that has always been known) and they do hashtag scans on it.

WhatsApp uses the Signal protocol for E2EE and they have no access to the content (zero evidence so far shown). The app on each side of course has access as that is how users read messages. Right now it is the end point app that sends the last 5 messages if the user sends a report. That is essentially the same as a user doing a screenshot, and attaching it to an e-mail report. That is really not a weakness of the encryption (the user could do it anyway without your knowledge). There is no keyword scanning. What you’re maybe thinking of, is Facebook said they want to scan encrypted data for some or other patterns to serve adverts but that, as far as we know, has not even started.

The issue I have with WhatsApp is the metadata they want to pass to FB, as there is nothing users (who use it) can do as that is not encrypted.

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 37 users / day
  • 82 users / week
  • 215 users / month
  • 618 users / 6 months
  • 3488 subscribers
  • 1892 Posts
  • 8436 Comments
  • Modlog