Open Menu
AllLocalCommunitiesAbout
lotide
AllLocalCommunitiesAbout
Login

WhatsApp and Signal messages at risk of surveillance following EncroChat ruling, court hears | Computer Weekly

⁨236⁩ ⁨likes⁩

Submitted ⁨⁨3⁩ ⁨months⁩ ago⁩ by ⁨Alb087@lemmy.ml⁩ to ⁨technology@lemmy.world⁩

https://www.computerweekly.com/news/366596534/WhatsApp-and-Signal-messages-at-risk-of-surveillance-following-EncroChat-ruling-court-hears

source

Comments

Sort:hotnewtop
  • autonomoususer@lemmy.world ⁨3⁩ ⁨months⁩ ago

    Anti-libre software, WhatsApp, bans us from proving its E2EE claims, any claims. It bans us from forking its source code, removing backdoors. Stop promoting “just bro as bro software” in the same title.

    source
  • FrostyPolicy@suppo.fi ⁨3⁩ ⁨months⁩ ago

    Wonder how they’d manage that as they both are E2EE.

    source
    • umami_wasbi@lemmy.ml ⁨3⁩ ⁨months⁩ ago

      A French and Dutch Joint Investigation Team (JIT) harvested more than 115 million supposedly encrypted messages from an estimated 60,000 users of EncroChat phones after infecting the handsets with a software “implant”.

      Looks like they just hack the phone

      source
      • otter@lemmy.ca ⁨3⁩ ⁨months⁩ ago

        en.m.wikipedia.org/wiki/EncroChat

        So this sounds like the ANOM phone story with extra steps?

        source
      • original_reader@lemm.ee ⁨3⁩ ⁨months⁩ ago

        How does one get an “implant” onto a phone?

        source
        • -> View More Comments
    • RmDebArc_5@sh.itjust.works ⁨3⁩ ⁨months⁩ ago

      Apparently what happened is that French police installed some of malware on the phones to read the messages, and this was now decided to be legal in the UK.

      source
      • linearchaos@lemmy.world ⁨3⁩ ⁨months⁩ ago

        Damn, we’ll need those linux phones working soon.

        source
        • -> View More Comments
    • pwalker@discuss.tchncs.de ⁨3⁩ ⁨months⁩ ago

      Honestly mentioning Enchrochat together with other mainstream message clients is kind of misleading. The Enchrochat message client was also E2EE. However Enchrochat was also a company that sold their own mobile phones with a prorietary OS on it together with own sim cards and only those phones were able to connect to each other. And law enforcment had enough evidence that they sold those hardware in shady untracable ways similar to drugs. At that point there was no western government that didn’t want to help seizing their infrastructure and taking over their update services for example.

      The bigger problem however for the general public is that certain politicians want to break encryption all together by forcing companies to implement backdoors on client side. This has been an ongoing discussion for 2 years in EU parliament and it has to stop: eff.org/…/now-eu-council-should-finally-understan…

      source
      • conciselyverbose@sh.itjust.works ⁨3⁩ ⁨months⁩ ago

        And law enforcment had enough evidence that they sold those hardware in shady untracable ways similar to drugs

        It doesn’t matter. Using that phone or app cannot possibly be anywhere close to probable cause for a search.

        source
    • redditReallySucks@lemmy.dbzer0.com ⁨3⁩ ⁨months⁩ ago

      With a warrant they could probably force signal/whatsapp to inject Malware into their apps to spy on users.

      Don’t know how possible it is with signal and their reproducible builds. They would need to add this to the source code of the app.

      source
      • otter@lemmy.ca ⁨3⁩ ⁨months⁩ ago

        Could they though, I thought signal would just leave the market

        source
    • 30p87@feddit.org ⁨3⁩ ⁨months⁩ ago

      Especially with Signal being open source. What stops the official Signal company from advertising another fork?

      source
      • einkorn@feddit.org ⁨3⁩ ⁨months⁩ ago

        The server software is not open source.

        source
        • -> View More Comments
      • kubica@fedia.io ⁨3⁩ ⁨months⁩ ago

        "Gruyere Signal"

        source
    • Routhinator@startrek.website ⁨3⁩ ⁨months⁩ ago

      WhataApp has MITM on the server side which is how Facebook scans your messages for targeted adverts. E2EE on WhatsApp was a fantasy the moment Facebook bought it.

      source
  • helenslunch@feddit.nl ⁨3⁩ ⁨months⁩ ago

    Meta has all the power here. WhatsApp is ubiquitous in the EU. If they just shut it down, so many systems would be utterly fucked. They have to walk it back.

    But I’m sure they don’t have the balls and don’t care, they’d just point at the gov and say “they made us do it!”.

    source
    • Nomad@infosec.pub ⁨3⁩ ⁨months⁩ ago

      UK… Not EU… Haven’t you heard of Brexit? They wouldn’t be allowed to do shit like that in the EU.

      source
      • helenslunch@feddit.nl ⁨3⁩ ⁨months⁩ ago

        Listen. I’m American. You can’t expect me to keep up with all the incredibly confusing regions and governments over there.

        source
        • -> View More Comments
      • catloaf@lemm.ee ⁨3⁩ ⁨months⁩ ago

        The EU is literally trying to do it right now: theverge.com/…/eu-chat-control-law-propose-scanni…

        source
        • -> View More Comments
  • CircuitSpells@lemmy.world ⁨3⁩ ⁨months⁩ ago

    Can someone explain how this is even possible with a service like Signal? I was under the impression that encrypted messages can’t be intercepted.

    Extremely frustrating either way, I hate constantly having to manage different messaging services with different people and I’d really like to not have to add one more if signal becomes compromised.

    source
    • AProfessional@lemmy.world ⁨3⁩ ⁨months⁩ ago

      It’s all client side. It even mentions infected clients.

      source