Highlighting the main issue here (from the article):
“This means that it is possible for the WhatsApp server to add new members to a group,” Martin R. Albrecht, a researcher at King’s College in London, wrote in an email. “A correct client—like the official clients—will display this change but will not prevent it. Thus, any group chat that does not verify who has been added to the chat can potentially have their messages read.”
ouch@lemmy.world 2 months ago
If you want your group memberships to be known only by the group members, use Signal.
sykaster@feddit.nl 2 months ago
Just be sure to add only the people you want to be there. I’ve heard someone people add others and it’s a bit messy
tias@discuss.tchncs.de 2 months ago
How bad can it be, it’s not like we’re sharing state secrets
ParetoOptimalDev@lemmy.today 2 months ago
Or simplex.chat where there are no identifiers like phone numbers or any other identifier.
Security review was done by trail of bits.
unexposedhazard@discuss.tchncs.de 2 months ago
Or P2P stuff like Briar :)
Bahnd@lemmy.world 2 months ago
Or Matrix (warning some assembly required)
new_guy@lemmy.world 2 months ago
Vanilla_PuddinFudge@infosec.pub 2 months ago
I actually found xmpp to be a breeze compared to most Matrix solutions.
Synapse is bloated, dendrite sucks and conduit is in perpetual beta and the uwu forks die too fast.
XMPP:
coconut@programming.dev 2 months ago
Just use signal is not a valid statement in a world where vast majority of people aren’t using (and won’t use) it. I have been trying to get people to install it and have a total of 6 over several years. They only use it to communicate with me.