6
bcye
121d

Haven‘t really understood this. If WhatsApp is End to end, why is it so avoided by people who are privacy conscious. Is it because of the contacts? Or what data do they collect?

Comments
  • 9
    facebook owns whatsapp man... not enough lol?
  • 1
    @BadCompany yeah so just because they own it means they can access encrypted chats?
  • 3
    @Artemix Disabled? I always saw this chat is end to end encrypted at the top of all of them
  • 6
    @bcye
    Whatsapp uses the encryption-algo of signal.
    But since WA is proprietary, no one can tell, if WA's implementation is actually secure.
  • 2
    @metamourge couldn’t this be checked using wireshark or so. I mean if it’s encrypted you should see the encrypted traffic
  • 2
    ofc they can, if they do it is another question, i dont think its much value to them the messages... its in their privacy statement that they can store data and pictures and even use it where they want in the future. U agree to it while installing, not everyone is comfortable with this
  • 1
    @BadCompany so they care more about who you chat with and how often etc.?
  • 2
    yeah, userdata, eventually it just comes to making money. if they know who u r a lot in contact with they can show u more ppl u r familiar wuth on fb who liked this and that enhancing the chance u buy smt etc,
  • 1
    @BadCompany but what do they do with the millions of users who don’t have a fb account
  • 1
    i have no idea man, maybe whatsapp secretly put them in the 'freeloaders' group? 😂
  • 1
    @BadCompany 😂 maybe they are able to join this with the „shadow profiles“ (if they’re a real thing)
  • 1
    @bcye You don't really believe WhatsApp uses secure encryption, right? Also, metadata is passed unencrypted. Metadata can tell more than the actual message itself.
  • 2
    @bcye
    It's not really about if the messages are encrypted.
    Its about, if the encryption is secure,
    If WA can decrypt your messages,
    If your private-keys are predictable,
    If WA even saves your private-keys.
  • 1
    @PrivateGER why shouldn’t they? I mean it would be a pretty huge scandal if it comes out encryption in Whatsapp was a straight lie
  • 5
    @bcye Well, WA is integrated into the PRISM network. Look it up if you don't know what it means. But basically, some governments can order WA give out data without further reasoning. If the gov wants to, even backdoors have to be built in.
    @linuxxx wrote a seriously great article about this on https://muchsecurity.nl.
  • 11
    Im not saying whatsapp is insecure but

    The russian government wanted to ban telegram for not providing them data of the users

    The russian government didnt want to ban whatsapp

    So...
  • 3
    @PrivateGER cant access the link
  • 2
    @PrivateGER @devTea it’s much-Security.nl
  • 3
    @bcye thank you!
  • 5
    @bcye they have the decryption keys. P.s. if any legal authorities approach for these keys for a user, WhatsApp doesn't object at all.

    I prefer telegram over WhatsApp, they are more secure and they've got some balls to object legal authorities.
  • 5
    @sharktits you speak wisdom.

    That's a lot of wisdom for tits.
  • 3
    It's closed source so good luck checking anything and also:

    Metadata, anyone?
  • 3
    @vocuzi Telegram uses more insecure crypto.

    Did an article on that: https://much-security.nl//...

    (@PrivateGER)
  • 4
  • 1
    @devTea I'm still unsatisfied with the amount of metadata that they store but other than that it seems to be okay
  • 2
    As for the metadata, it works like this:

    They can't see the content itself, but they can see:

    Message size
    From
    To
    Location (possibly)
    Ip address and thus geolocation
    Date
    Time

    This information is often even more valuable than the content itself.

    Next to that, loads of people use backup methods like Google drive, the data is uploaded unencrypted thus making it quite easy for agencies to get it as at least Google is directly integrated within an NSA powdered global mass surveillance network.
  • 1
    Everyone will store their whatsapp backups unencrypted on Google Drive
  • 2
    @linuxxx How do these mass surveillance platforms work? do you know if they just hand over the server creds?
  • 1
    @bcye No clue, that information hasn't been made public. And if it wasn't for Snowden, we wouldn't even know about this at all.

    There's a list with companies who are integrated, though. Although its hard to confirm, for my own security I'm believing that list.
  • 1
    @linuxxx it’s just hard to believe for me that they really have access to so many different databases, etc.
  • 2
    @bcye It's not for me. They want to know everything about everyone and can get that information by the following means/programs:
    PRISM
    XKeyScore
    Upstream
    Fascia
    Optic Nerve (old)
    Boundless Informant
    Dish fire

    I know a great documentary/interview with an nsa whistle blower if yours interested? It's nearly 2,5 hours but very interesting.
  • 1
    @linuxxx interested.
  • 1
    Also interested.
  • 3
  • 1
  • 2
    @linuxxx and let's not forget about how FB loves people that aren't on FB - gathering data about them this way is a gold mine.
Your Job Suck?
Get a Better Job
Add Comment