A question about secure chats

shortwavesurfer, 1 year ago

Technically, yes, it is encrypted. However, Facebook still gets metadata on who you talk to, when you talk to them, how long you talk to them, your contact information, etc. As an example, if you talked to your girlfriend, then you talked to her doctor, and then you talked to your mom. There’s a good chance that your girlfriend may be pregnant, even if I did not know what was said. Or, if I know you are at the top of a bridge and that you contacted a suicide hotline… So just because it is encrypted does not mean it is safe.

remotelove, 1 year ago

That’s clever about the pregnancy.

I would have thought it was about a case of herpes that you caught from your girlfriend and then gave to your mom.

nightwatch_admin, 1 year ago (edited 1 year ago)

And that’s why privacy is important - the assumptions and decisions an algorithm makes are not necessarily correct, often not even close.

Edit:before someone wants to be smart: yes, I know it’s a joke.

PupBiru, 1 year ago

ml doesn’t understand jokes very well, so honestly it’s not a shit example lol

shortwavesurfer, 1 year ago

This made me laugh. Thanks

poVoq, 1 year ago

Also WhatsApp requests access to the phone book and is very hard to use if you deny access. This is very likely done because Facebook wants access to the stored numbers to build a social graph. Even if you personally don’t mind, it is a gross privacy violation to share the phone number of other people with Facebook.

DudeDudenson, 1 year ago

Question, how would you use a messaging app that identifies users trough phone numbers without giving it access to phone numbers?

poVoq, 1 year ago (edited 1 year ago)

By typing in the numbers, or selectively sharing them from the address book. This works fine on Signal, Telegram and Threema. Only Whatsapp makes it so that you have to share your entire address book with the app.

With some workarounds you can actually use whatsapp also without giving it access to your address book, which shows that it is clearly an intentional dark pattern by Facebook to make people share their entire address book with them to avoid the hassle.

AVincentInSpace, 1 year ago

Well said. I’m saving this comment in case I need to explain this to someone else.

PupBiru, 1 year ago (edited 1 year ago)

the other important thing with all of this is that even if your girlfriend is taking care, THEY STILL KNOW

people around you (or “you”, in this case) using these services impacts your privacy

is there anything we can do about that? probably not

but it’s worth being aware of

otter, 1 year ago (edited 1 year ago)

My understanding is that it IS encrypted, and its supposed to use the Signal protocol (Signal developed it and released it for others to use)

The problems are with

• metadata (like the other comment explained)
• closed source, so we take their word on it for how it works. It’s possible they’re being misleading or doing something shady

See this image from a few years ago: https://i.redd.it/0imry50rxy961.png

Note that signal does require this, which isn’t in the chart:

• phone number (for now)
• last active date
• sign up date (I think)

pylapp, 1 year ago

Interesting! Do you remember where you got this chart?

elvith, 1 year ago

These are just screenshots of the data privacy section from the Apple AppStore of each of the apps. Afaik those are mandatory & self reported by the devs of the app.

otter, 1 year ago (edited 1 year ago)

I think it’s from here :)

forbes.com/…/whatsapp-beaten-by-apples-new-imessa…

Also it does leave out some info, I edited my comment up top

ultratiem, 1 year ago

iMessage definitely has more hooks in than those listed. It’s an integral Apple service that’s hooked into your deeper iCloud account. And because of that, they know a lot more than just a mere “chat” app would get access to. Which likely makes it harder to quantify.

Moreover, Meta and Alphabet also cross reference a lot of data points from all the other sources they have (cookies, IP logs, etc.). Again making actual data points fuzzy or incomplete.

Agent641, 1 year ago (edited 1 year ago)

I do not consent to Signal knowing about my empty box

otter, 1 year ago (edited 1 year ago)

Oh also @Thisfox

Instead of Telegram, consider one of these, it’s easier to switch to the good one now than to try and switch again later.

www.privacyguides.org/en/real-time-communication

Signal works great for my family

Thisfox, 1 year ago (edited 1 year ago)

I have been using Telegram for… A really long time. A decade? Maybe not that long. But yeah, no reason to change from what works for me. You’re right about that.

Signal and Matrix(?) and the others all seem to be a recent development, and although I have downloaded a few, no one else has them or has heard of them, so their directories are empty as I have never found anyone who wants to connect that way. It means I don’t know how to use or teach older people how to use the software. I am trying to find a simple evidence-based way to encourage my family to change their minds, but it appears it will only make me look paranoid, so probably won’t try.

otter, 1 year ago (edited 1 year ago)

That’s fair enough, it’s really location based. Around where I am, telegram isn’t that popular. I’ve met a few people using Signal and I have friends/collegues pop up in the “____ has Signal” section of the app.

We don’t really have a dominant chat app around here, there’s a good mix of messenger/instagram/iMessage, with some groups sticking to Whatsapp/WeChat/Viber.

I am trying to find a simple evidence-based way to encourage my family to change their minds, but it appears it will only make me look paranoid

I think part of it is because it’s hard to convince people without first explaining how things work. Not much use in worrying about it if you can’t, just look out for yourself. What you COULD do is to use the private option when you need to talk about something sensitive. If the app is installed on their phone then they’re more likely to use it, and even if not then you’re looking out for yourself

pylapp, 1 year ago

You can for example have a look on the online resource below:

www.securemessagingapps.com

It is very interesting with a big comparison grid between plenty of messaging solutions.

LWD, 1 year ago (edited 1 year ago)

deleted_by_author

theskyisfalling, 1 year ago

Does it though when they control both ends. It is encrypted between each end which I guess secures against things like a man in the middle attack from outside parties but their app encrypts it on one end and decrypts it on the other. I have a very hard time believing that they don’t “read” your messages at some point in that process.

PupBiru, 1 year ago

i’ve seen the bullet points from that article riffed in different ways, but i think that’s the most important part:

• They know you rang a phone sex line at 2:24 am and spoke for 18 minutes. But they don't know what you talked about.
• They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains a secret.
• They know you got an email from an HIV testing service, then called your doctor, then visited an HIV support group website in the same hour. But they don't know what was in the email or what you talked about on the phone.
• They know you received an email from a digital rights activist group with the subject line “Let’s Tell Congress: Stop SESTA/FOSTA” and then called your elected representative immediately after. But the content of those communications remains safe from government intrusion.
• They know you called a gynecologist, spoke for a half hour, and then called the local abortion clinic’s number later that day.

Brtrnd, 1 year ago

I’ve wondered if they don’t know the data. They can perfectly read the convo on your device, assign a category what you’re talking about and keeping that category. They don’t store, read, know the conversation, they only ‘analyze’ it. F.e. if you talk about planes they may assign a category travel and sell your profile to holiday companies?

I don’t know about this, I’m just thinking that’s how I’d do it if I ran an evil corp.

Zeroxxx, 1 year ago

You and family use WhatsApp to talk to each others, just like millions families out there and so far no chats have been leaked because the encryption is bypassed.

You make your own life so complicated for what?

otter, 1 year ago

This is the privacy community, and they were discussing the privacy aspect.

The concern isn’t about getting your chats leaked, there’s no incentive to just give away data that is collected. The concern is usually about a malicious group (company, government, criminals) abusing the data that they can get their hands on.

Zeroxxx, 1 year ago (edited 1 year ago)

He is talking about encryption, which I addressed. Maybe reading comprehension, eh?

Konlanx, 1 year ago

“It must be encrypted well because nothing has been leaked yet” is a very, very bad stance on encryption.

In fact, every encryption is working well until it’s broken the first time.

So no, you didn’t address shit.

Zeroxxx, 1 year ago (edited 1 year ago)

Yea yea, if even Signal Protocol cant do shit, your shit can’t do anything as well. 🤣

All you guys do is talking without any solid base. Sigh.

Konlanx, 1 year ago

That comment does not make sense.

Zeroxxx, 1 year ago

If you lack knowledge , admit it.

WhatsApp is using Signal Protocol.

sag, 1 year ago

Bro are you high or something?

Konlanx, 1 year ago (edited 1 year ago)

It is very unpleasant to communicate with you.

It is still unclear what you meant with “your shit”.

Apart from that I did not argue against the signal protocol, I argued against your idiotic stance on encryption.

Maybe reading comprehension, eh?

Zeroxxx, 1 year ago

So? We just have differing view. No more, no less.

Bring your shit elsewhere don’t present it to me.

Konlanx, 1 year ago

Are you able to coherently answer or is it going to stay like this? Because then I will end this conversation here.

Zeroxxx, 1 year ago (edited 1 year ago)

End it. I don’t need to converse with you either, I merely answered OP.

Since you ended this, be quiet and don’t spam me with notification.

velox_vulnus, 1 year ago (edited 1 year ago)

It’s a rage-bait, avoid trolls like them. Whatsapp is close-sourced - so we don’t know shit about how good their encryption is - remember how phone numbers were showing up on Google Search? Yeah. Meta also works with the local government to suppress “fake news” - so, how exactly does it know what the contents are, without breaking encryption? These are two of the most convincing reason to not use the app.

nick, 1 year ago

Give it up, you sound like either a you don’t know what you’re talking about or a you’re a bootlicker for facebook.

You’re never going to win a pro Facebook argument in this community.

otter, 1 year ago

Wider context matters

Two companies can advertise lockers with the same high quality lock, but one might still be better to use

• if one company can’t prove they are actually using the high quality lock
• if one company acts as a middleman, doing the locking/unlocking for you
• if one company watches everything you do before and after using the locker, allowing them to infer what you are using it for

Even if we specifically talk about security, one is better than the other.

Zeroxxx, 1 year ago

WhatsApp has been endorsed by Moxie himself who invented Signal Protocol. What more do you want? Long winded talk for shit?

otter, 1 year ago

Long winded talk for shit?

what

PupBiru, 1 year ago

i can’t find a single reference to that. i think you’re confused

fiat_lux, 1 year ago (edited 1 year ago)

To be frank with you, humans are the weakest security point in any system. Even if you did somehow (impossibly) 100% secure your device... you’re literally sending everything to X other family members who don't care about security anyway and take zero preventative measures. That's sort of the point of a chat app. All they would need to do is target your family instead of you to get the exact same info - this is how Facebook has everyone's telephone number and profile photo, even if they don't have an account. And if it's a WhatsApp data breach... well. Your family is just one in a sea of millions of potentially better/easier targets.

If there's anything interesting about your family chats that is actually secret info, it probably shouldn't be put into text anywhere except maybe a password manager. Just tell them not to send passwords or illegal stuff or security question info via whatsapp. It's all you can realistically do in situations like this.

We literally cannot keep all information private from everyone all the time, you have to pick and choose your battles. And even then, you'll still lose some, even if you're perfect.

Zak, 1 year ago

That’s true in the sense that if a very sophisticated organization directly targets your family chat for surveillance, they’re going to find a way to access its content no matter what communication method you use.

Threat modeling is core to security, and that kind of threat probably isn’t the issue here. Mass surveillance, both government and corporate is, and neither is likely to secretly install malware on a family-members phone that can access the contents of the group chat. Doing that to large numbers of people would get them caught; they save it for valuable targets.

Governments openly forcing the install of spyware, as I’ve read China does in some cases would be an exception; you cannot have a secure conversation involving a device so compromised.

ddnomad, 1 year ago (edited 1 year ago)

Switch to Telegram

You know it’s not even E2EE by default, and when it is it uses a homegrown algo that is not exactly well spoken of? (at least V1)

DudeDudenson, 1 year ago

But how can I virtue signal when using the mainstream app???

PupBiru, 1 year ago

for clarity, i think that the worst thing anyone’s been able to decisively prove about telegrams encryption is that it’s vulnerable to replay attacks… which in the context of privacy rather than full security isn’t suuuuper problematic

that’s not to say that there aren’t other flaws; that’s kinda the point behind “rule number 1: DONT INVENT YOUR OWN CRYPTO”: you just don’t know what flaws there are… AES (etc) has had a LOT of eyes on it

but for the most part, the negativity with the crypto boils down to what-ifs

nightwatch_admin, 1 year ago

IIRC Telegram is only e2e if you explicitly enable it, and not at all for group chats. My info is probably (and hopefully) outdated though.

PupBiru, 1 year ago

yeah that’s also correct and a very valid criticism

ddnomad, 1 year ago

And E2EE is only available on phones, circa a couple of years ago anyways

JubilantJaguar, 1 year ago

As I see it, the key advantage of Telegram is not technical, it is political.

Yes, Telegram is a slightly shady company with an ambiguous business model and a possibly-dodgy encryption algorithm (when it is even turned on).

But Telegram is based outside the reach of the West (in UAE, eastern Europe, maybe even Russia). Whatever its other problems, nobody thinks that Telegram is under the thumb of Western governments, as the Big Tech corporate messengers almost certainly are.

Personally I don’t care much if Russia or even China is spying on me. Because if we can be certain of anything in this world, it’s that Russia and China are not sharing their spyware data with Western intelligence agencies. And as Westerners we live outside the reach of the Russian and Chinese police states, fortunately. So for us it’s win-win for privacy. That’s the way I see it.

The ideal solution, of course, is a truly private messenger which protects everyone’s privacy, including Chinese and Russians.

ddnomad, 1 year ago

Telegram’s servers are located in US, Singapore, Netherlands (and maybe some other countries) from what I’ve gathered. And all chats that are not E2EE’ed are stored there, encrypted at rest at best with keys in the same database, or somewhere else that can still be accessed in automated way. Maybe it is not even encrypted at rest.

The point is, all those countries are either in 5 eyes or have information sharing agreements with 5 eyes countries. So as far as I’m concerned, TLAs can still have their fingers in those pies, in addition to Telegram’s overall shadiness and Russian ties. So maybe you get KGB strongman keeping a watch over your chats too.

This is not something I’d have much confidence in to be honest.

JubilantJaguar, 1 year ago

For the average Westerner, the threat from shady Russian agents seems orders of magnitude less serious than that from their own governments and police forces.

For EE2E, the corporate spyware messengers are asking us to take their word for it. Hard.

About the server locations, that’s interesting and does indeed undermine my argument a bit.

tioute, 1 year ago (edited 1 year ago)

deleted_by_author

nIi7WJVZwktT4Ze, 1 year ago (edited 1 year ago)

Content of the Tweet if you don’t want to click X links:

What #Telegram collects and stores:

1. Unencrypted messages, photos, videos, and files
2. Encrypted photos and videos from secret chats
3. Phone numbers and contacts
4. Metadata such as IP addresses

…

What #WireMin collects and stores:

1. None.

#Decentralization #privacy

By @WireMin

vikinghoarder, 1 year ago

I assume Whatsapp encryption is equivalent to https, your connection to the server is encrypted and “impossible” to be intercepted and decrypted, but on the server end everything arrives as clear text, so the only people that can watch your conversation is the recipient of the messages and whatsapp.

h3ndrik, 1 year ago (edited 1 year ago)

That’s not correct. WA claims to use end-to-end encryption. I have no reason to doubt that. It probably arrives encrypted at the servers, not as clear-text.

That’d also align with the business-model of big tech. They do lots of things with meta-data. And algorithms can infer lots of important things just by looking at that. I wouldn’t be surprised if they really don’t care about the exact content of WA messages.

vikinghoarder, 1 year ago

Reading whatsapp definition of e2ee seems to be the case, I stand corrected.

h3ndrik, 1 year ago (edited 1 year ago)

Yeah. I think they partnered with the makers of Signal and took the encryption from Signal back in 2014 or 2015. I still remember the first of my friends adopting WA and it had zero encryption or protection against impersonating people. I used XMPP (Jabber) back then and just shook my head.

But it’s different now.

h3ndrik, 1 year ago (edited 1 year ago)

I case they’re set on WhatsApp:

You could use something like:

github.com/mautrix/whatsapp

and bridge WA to a secure Matrix server of your choice. That way you can have a secure environment and they can use whatever they like.

Here is an overview table about messengers, in case you want to compare them and have more arguments in the discussion:

www.messenger-matrix.de/messenger-matrix-en.html

I wouldn’t consider WA secure. They do tracking, they have your phone numbers and those of all of your friends and know exactly who you talk to, when, and how often. Even if they don’t know the content of the message because it’s encrypted, that’s a lot of information for the algorithm to feed on. Apart from that, I’m not sure if they have access to the encryption keys. They might be able to decrypt everything if they want.

I’m sure someone wrote a lengthy blog article about WA. But unless someone does a proper security audit including where the encryption keys are stored and the implications of that and how extra features like breaking encryption in case someone flags an inappropriate post turns out… The ‘it’s safe’ is just a claim by your brother or Meta. You’re free to believe in anything you want. But it’s not necessarily true.

Ferk, 1 year ago (edited 1 year ago)

With the new European regulations Whatapp will soon be forced to offer some compatibility towards 3rd party apps, so there are chances that perhaps bridging in this way will become easier in the near future, or at least have some level of official support. But we won't know for certain how will it work until it happens. All we know is that Whatsapp is currently working on a way for 3rd parties to connect with them.

Personally, I'd hold for a bit to see where does that go and then decide what method to use.

h3ndrik, 1 year ago (edited 1 year ago)

I don’t want to sound overly negative here. But that idea is more a hypothetical proposal “we should do something about it” at this point. There is a working group mimi. But not even a draft or technical proposal, yet. And interoperability is hard, and they also want to come up with a solution that makes it secure, the messages confidential and maybe grant anonymous access. These problems aren’t solved at all as of today. On top you have to deal with spam, malicious servers, users, lawful interception and all kinds of things in a distributed platform. Then they need to come up with a text for the regulation. Write it, discuss and do several revisions, debate it. And there will be lobbyism against it and court cases because it cuts into the business model of large companies. Then it has to be adopted into national legislation and it will get a grace period.

So if you want to wait 'til 2029 (or so) to reply to your mom, go ahead and wait for the EU. I don’t have a crystal ball to be sure, but I highly doubt that this will happen in the next few years.

And on top, there is no guarantee that it turns out good or usable in the first place. There is a lot of lobbyism happening in the EU. Especially by big tech. They’ll find a way to make it a thing that just connects Apple, Meta and Google and exclude independant or secure services.

Ferk, 1 year ago (edited 1 year ago)

Yes, I agree that it feels unrealistic that there will be something stable and good by the time the law actually takes effect. But the regulation (the Digital Markets Act) has been already approved since 2022 and we already have a deadline for Whatsapp set by the EU: March 2024 (6 months from 6th September 2023, which is when the Commission designated Meta as "Gatekeeper" and Whatsapp as a "Core Platform Service").

So, while I'm very skeptical that the result will be satisfactory, I'm very curious to see what will Whatsapp come up with when the deadline hits, because, allegedly, they are already working on it.

h3ndrik, 1 year ago (edited 1 year ago)

Thx for the additional links!

I’m curious what Meta is going to unveil. Usually big tech companies get ahead of legislation, in order to set a standard they like, or to prevent possible more strict regulation from happening. We see the same thing with AI and practically everything the big tech companies lobby for. I’m a bit wary.

poVoq, 1 year ago

Whatsapp is under the hood still a lightly modified XMPP system, and given Zucks recent comments about federated protocols (albright in a Threads i.e. ActivityPub context), they might just get their XMPP federation working again.

FairLight, 1 year ago

Cybersec researcher here. The content of your chat is encrypted end to end. Their servers can’t read what you write. This is because they use the same protocol as signal, x3dh and double ratchet. However, they can and will collect everything else. Contact info, for example, phone, etc

BearOfaTime, 1 year ago

If you login to another device with WhatsApp, does it show your chat history? If so, then the servers have your key.

I’ve never used any FB service, so I don’t know., and I don’t know anyone who uses WhatsApp.

redeven, 1 year ago

To “link” other devices you have to scan a qr from your phone, so it’s certainly possible that during that process the devices connect and share the key, and the servers don’t have it.

Or the servers could have it. Idk, it’s closed source, that’s the problem at hand.

nightwatch_admin, 1 year ago

No, the protocol is sound enough, WhatsApp doesn’t have the key, doesn’t want the key (so they will probably not be responsible for what you are communicating with others), and doesn’t need the key - as others have put so eloquently, the metadata is rich enough for them.

BearOfaTime, 1 year ago (edited 1 year ago)

Sounds like it transfers the ID Out-of-band, so that’s good, does the desktop get the chat history then? (It’s possible it pulls chat history from the phone).

Oh, I agree with the closed source issue. That makes it a no-sale for me.

Rinox, 1 year ago

Initially you could only log in from one device, as it created a new private key every time you switched device. Then they implemented Whatsapp Web, which essentially required the primary device to be connected to the internet, the chats would then be transferred from the primary device to the secondary devices (I assume through an encrypted tunnel of some sorts). Then as of late they have implemented a new technology that allows you to share your private key among multiple devices, making them all the “primary device”. The chat history and all the messages can be shared from one device to another while encrypted. The weak spot at one point was the chat backup, which was unencrypted and stored in your Google Drive, so technically Google could have had access to all your chats. Today though, you can encrypt the backup through a password.

In theory Whatsapp has never needed to read your chats to have the functionality it has. That’s in theory because it’s closed source and we cannot know anything for certain. All this is just what Meta/Whatsapp said or pure speculation.

Lime66, 1 year ago

deleted_by_author

0xD, 1 year ago

You literally send the message you report, that has nothing to do with breaking encryption.

That’s like me showing you a letter I don’t like and then accusing you of intercepting my mail, lmao.

iturnedintoanewt, 1 year ago

Link previews however, are calculated server-side. So, yeah. They see any link posted.

Pantherina, 1 year ago

No Telegram lol. Thats way worse. Whatsapp sais they are E2EE but its all “trust me bro” because you cannot look at the code.

With Telegram its a little pain to open encrypted chats and groups are always unencrypted. So its useless.

Let them try Signal, its nearly identical but you can trust it.

Kultronx, 1 year ago

Iunno if I would say that Signal can be trusted considering their ties to the US State Dept

rmuk, 1 year ago

The beauty of using Signal with an open-source Signal client is that you don’t need to trust them, which is kind of the point.

foyrkopp, 1 year ago

Whatsapp is encrypted. The problem is the Metadata they want - i.e. your whole address book.

I do not agree to Facebook having my phone number, but if you use WA and have my number, they have it, too - even if I don’t use WA myself.

If you can convince your family to switch, use Signal or Matrix.

Otherwise, use Shelter on your phone with a limited, WA-ony address book.

TwilightKiddy, 1 year ago (edited 1 year ago)

You can actually use it without giving it contacts permission, but you’ll have to add people via short links, like wa.me/(number).

foyrkopp, 1 year ago

Good to know, thanks.

neutron, 1 year ago

In a similar situation as you (entire society revolves around whatsapp). I came to this conclusion:

1. Others won’t share my view on personal privacy at all will happily give out any metadata or data. No matter what secure channel we use, the destination (people) will always leak.
2. Because of (1), consider all communication with others as public, no matter the inferred intimacy, no matter the platform or its security.
3. Consider (2) as true even if they somehow used Signal or any secure platform, because of (1). (E.g. “Hey, did you hear about $familyMember? Yes, the weird kiddo who forced me to use some strange blue shit for chat. He got positive on blood exam for $badCondition. Go check on him”)

As for whatsapp itself, i use Android and isolate it in a separate profile, also frozen until opened. I also used a burner phone number for account registration, not my actual number.

People are more receptive of whatsapp accounts with “alternate” numbers when you explain you “got hacked in the past” or any plausible reason.

LoveSausage, 1 year ago (edited 1 year ago)

My way around the issue with the app and its collection is :

1. Install in a separate profile with empty everything. (So they get an empty contact list)
2. Install beeper in a different profil and connect WhatsApp to beeper.
3. Remove all permissions from WhatsApp. There if I need to reconnect sometime.

Oh and using fake number is also a good idea. And yes not as good as selfhosting I know. Signal is an option if you can get them to switch. Telegram is crap.

noodlejetski, 1 year ago

so now Beeper has got all of your Whatsapp messages going through their servers, unencrypted.

LoveSausage, 1 year ago (edited 1 year ago)

www.beeper.com/faq#how-does-beeper-connect-to-enc…

So yea a bit of trust put in beeper. Matrix bridge and self host is as I said better.

This is easy. For services that’s not so good to start with , like SMS , WhatsApp etc.

For sensitive stuff i use signal with a fake number. Or other channels.