Comment on Ping! The WhatsApps that should have been an email
DomeGuy@lemmy.world 3 days agoMeta using the name of a formerly independent company for their current pseudo-private messaging app does not mean said app meaningfully predates the one whose tech they use.
signal.org/blog/whatsapp-complete/
(Please share if you have a link arguing the opposite.)
More importantly, the encryption in Whatsapp is closer to HTTPS than it is to PGP. It keeps anyone except Meta or the recipients from keeping a record of what you say, but you should absolutely assume Meta is recording what you say on WhatsApp.
(And you should also assume anyone you talk to is keeping a record as well.)
CameronDev@programming.dev 3 days ago
Whatsapp still predates signal, they just migrated the network across. And your own link confirms that.
Also, whatsapp, by your own link is e2e encrypted using the signal protocol. That does not make it “like https”. Whatsapp could snoop your messages off your device, but they cannot read them as they pass over their server.
DomeGuy@lemmy.world 3 days ago
You are assuming good behavior on the part of a corporate giant grown out of a social media site literally founded to spy on its users. A company who is literally being sued for their claims that their chat app is meaningfully encrypted
indianexpress.com/…/whatsapp-lawsuit-encrypted-me…
Even if Meta isn’t currently including themselves as a hidden participant in every WhatsApp chat, you should assume that they can do so and act as if they will do so.
Odds are pretty good that their encryption usage is good enough for any lawful behavior you may engage in, but you shouldn’t trust Meta or any software they provide with anything that would destroy your life if it was revealed.
CameronDev@programming.dev 3 days ago
Them including themselves as a participant still does not make it “like https”.
Being sued also doesn’t mean anything, anyone can be sued at any time, and there does not need to be a basis in reality for it to go ahead. It is not proof of anything.
They control the app, they can obviously steal the messages if they wanted to, but you are making very strong claims with zero evidence.
I don’t like meta any more than you do, but if you are going to make claims of “like https”, bring actual evidence.
DomeGuy@lemmy.world 3 days ago
If you don’t like meta any more than I do, why are you arguing so strongly that they deserve the benefit of the doubt?
And, more interestingly, what precisely do you mean that Meta including themselves as a recipient in every WhatsApp chat would not render their E2E encryption equivalent to HTTPS?
AFAIK both are in-transit encryption that prevents casual monitoring by other entries along the network path between you and the person you’re chatting with, but expose you to undetectable monitoring on the part of the service provider.