A question about secure chats

Two questions.

My family insist on using Whatsapp for the family chats. I have to keep a copy on a device just so I can communicate with them. I do so under protest, as I was always told it isn’t secure. My brother has just said

“oh Whatsapp is encrypted, it’s perfectly secure”.

First, is it actually as encrypted and safe as my brother claims? That would solve everything.

Second, if it isn’t, where can I get some proof that we should switch to Telegram or whatever? Proof which doesn’t make me look like a raving loony?

vikinghoarder,

I assume Whatsapp encryption is equivalent to https, your connection to the server is encrypted and “impossible” to be intercepted and decrypted, but on the server end everything arrives as clear text, so the only people that can watch your conversation is the recipient of the messages and whatsapp.

h3ndrik, (edited )

That’s not correct. WA claims to use end-to-end encryption. I have no reason to doubt that. It probably arrives encrypted at the servers, not as clear-text.

That’d also align with the business-model of big tech. They do lots of things with meta-data. And algorithms can infer lots of important things just by looking at that. I wouldn’t be surprised if they really don’t care about the exact content of WA messages.

vikinghoarder,

Reading whatsapp definition of e2ee seems to be the case, I stand corrected.

h3ndrik, (edited )

Yeah. I think they partnered with the makers of Signal and took the encryption from Signal back in 2014 or 2015. I still remember the first of my friends adopting WA and it had zero encryption or protection against impersonating people. I used XMPP (Jabber) back then and just shook my head.

But it’s different now.

belkka,
@belkka@iusearchlinux.fyi avatar

Note, Telegram Isn’t As Private As You Think

Zeroxxx,
@Zeroxxx@lemmy.my.id avatar

You and family use WhatsApp to talk to each others, just like millions families out there and so far no chats have been leaked because the encryption is bypassed.

You make your own life so complicated for what?

otter,

This is the privacy community, and they were discussing the privacy aspect.

The concern isn’t about getting your chats leaked, there’s no incentive to just give away data that is collected. The concern is usually about a malicious group (company, government, criminals) abusing the data that they can get their hands on.

Zeroxxx, (edited )
@Zeroxxx@lemmy.my.id avatar

He is talking about encryption, which I addressed. Maybe reading comprehension, eh?

Konlanx,

“It must be encrypted well because nothing has been leaked yet” is a very, very bad stance on encryption.

In fact, every encryption is working well until it’s broken the first time.

So no, you didn’t address shit.

Zeroxxx, (edited )
@Zeroxxx@lemmy.my.id avatar

Yea yea, if even Signal Protocol cant do shit, your shit can’t do anything as well. 🤣

All you guys do is talking without any solid base. Sigh.

Konlanx,

That comment does not make sense.

Zeroxxx,
@Zeroxxx@lemmy.my.id avatar

If you lack knowledge , admit it.

WhatsApp is using Signal Protocol.

sag,

Bro are you high or something?

Konlanx, (edited )

It is very unpleasant to communicate with you.

It is still unclear what you meant with “your shit”.

Apart from that I did not argue against the signal protocol, I argued against your idiotic stance on encryption.

Maybe reading comprehension, eh?

Zeroxxx,
@Zeroxxx@lemmy.my.id avatar

So? We just have differing view. No more, no less.

Bring your shit elsewhere don’t present it to me.

Konlanx,

Are you able to coherently answer or is it going to stay like this? Because then I will end this conversation here.

Zeroxxx, (edited )
@Zeroxxx@lemmy.my.id avatar

End it. I don’t need to converse with you either, I merely answered OP.

Since you ended this, be quiet and don’t spam me with notification.

velox_vulnus, (edited )

It’s a rage-bait, avoid trolls like them. Whatsapp is close-sourced - so we don’t know shit about how good their encryption is - remember how phone numbers were showing up on Google Search? Yeah. Meta also works with the local government to suppress “fake news” - so, how exactly does it know what the contents are, without breaking encryption? These are two of the most convincing reason to not use the app.

nick,

Give it up, you sound like either a you don’t know what you’re talking about or a you’re a bootlicker for facebook.

You’re never going to win a pro Facebook argument in this community.

otter,

Wider context matters

Two companies can advertise lockers with the same high quality lock, but one might still be better to use

  • if one company can’t prove they are actually using the high quality lock
  • if one company acts as a middleman, doing the locking/unlocking for you
  • if one company watches everything you do before and after using the locker, allowing them to infer what you are using it for

Even if we specifically talk about security, one is better than the other.

Zeroxxx,
@Zeroxxx@lemmy.my.id avatar

WhatsApp has been endorsed by Moxie himself who invented Signal Protocol. What more do you want? Long winded talk for shit?

otter,

Long winded talk for shit?

what

PupBiru,
@PupBiru@kbin.social avatar

i can’t find a single reference to that. i think you’re confused

infreq,

They will not switch anyway…

Thisfox,

They will if I don’t sound paranoid and can give rational answers backed up with real articles that aren’t conspiracy sites. Much of my family are teachers, everyone has at least one university degree, and is capable of rational thought and critical thinking. They just don’t see a reason to switch. I need to put forward a reason that is worth their time.

infreq,

I like your (ungrounded) optimism

LoveSausage, (edited )
@LoveSausage@lemmygrad.ml avatar

My way around the issue with the app and its collection is :

  1. Install in a separate profile with empty everything. (So they get an empty contact list)
  2. Install beeper in a different profil and connect WhatsApp to beeper.
  3. Remove all permissions from WhatsApp. There if I need to reconnect sometime.

Oh and using fake number is also a good idea. And yes not as good as selfhosting I know. Signal is an option if you can get them to switch. Telegram is crap.

noodlejetski,

so now Beeper has got all of your Whatsapp messages going through their servers, unencrypted.

LoveSausage, (edited )
@LoveSausage@lemmygrad.ml avatar

www.beeper.com/faq#how-does-beeper-connect-to-enc…

So yea a bit of trust put in beeper. Matrix bridge and self host is as I said better.

This is easy. For services that’s not so good to start with , like SMS , WhatsApp etc.

For sensitive stuff i use signal with a fake number. Or other channels.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • privacy@lemmy.ml
  • localhost
  • All magazines
    •
    Loading…
    Loading the web debug toolbar…
    Attempt #