Whatsapp CANNOT read messages when e2ee is enabled, this client-side snooping was discussed when the protocol was first implemented. Whatsapp collects a ton of metadata and social graph info, but not message content.
Well you type messages in in plain text and they decrypt it to show you the messages at the other end. So they can do the nefarious processing on the client side and send back results to the mother ship. E2EE is only good when you trust the two ends, but with WhatsApp and Messenger you shouldn’t trust the ends.
Sure, but any messaging app (including Signal) could have these backdoors in place. Heck, there’s even vectors for unrelated apps on your phone to read this data once unencrypted.
That’s actually true. We don’t know the real-time server code of Signal. Though other apps cannot read what’s written inside Signal, that’s the good part. I prefer private server + Matrix but Signal is the easiest for regular people.
Them being nonprofit has nothing to do with the pursuit of marketshare. Plenty of nonprofits want to maximize marketshare. Them being nonprofit means they are mission-driven.
Them being nonprofit has nothing to do with the pursuit of marketshare.
Um, of course it does? LOL
Them being nonprofit means they are mission-driven.
And what is that mission?
Let’s talk about what the opposite of their mission is: Mainly operating as a source of data collection and revenue for a corporate surveillance and advertising agency.
Do they want more users? Sure. Are they going to compromise on their core principles out of convenience for their users? Abso-fuckin-lutely not.
There’s also the opposite to consider: that users would decide to use WhatsApp instead of Signal because they can, which then puts you in the uncomfortable position I find myself in often where I have to tell people I’m not accepting their messages from insecure platforms.
kind of dumb they could get huge market share
Yeah, this worked so well for XMPP when everybody federated with Gmail chat.
Well, it worked out for Google when it federated with Jabber, who first open sourced XMPP.
It’s not. There is no privacy if you send your message to Whatsapp servers.
There’s even less privacy if I have to have the WhatsApp app installed on my phone to send that message.
You have the big plus of not having the WhatsApp app installed and snooping around with all those permissions it has.
Would it not be E2EE? Isn’t that one of the reasons for using the Signal protocol?
Yes, the “delivering” part would be E2EE. Do we really know the afterwards if they can read their users’ messages? They probably can.
Whatsapp CANNOT read messages when e2ee is enabled, this client-side snooping was discussed when the protocol was first implemented. Whatsapp collects a ton of metadata and social graph info, but not message content.
Well you type messages in in plain text and they decrypt it to show you the messages at the other end. So they can do the nefarious processing on the client side and send back results to the mother ship. E2EE is only good when you trust the two ends, but with WhatsApp and Messenger you shouldn’t trust the ends.
Sure, but any messaging app (including Signal) could have these backdoors in place. Heck, there’s even vectors for unrelated apps on your phone to read this data once unencrypted.
That’s actually true. We don’t know the real-time server code of Signal. Though other apps cannot read what’s written inside Signal, that’s the good part. I prefer private server + Matrix but Signal is the easiest for regular people.
Signal clients are open-source.
Signal is only officially distributed through Google Play, so their APK isn’t reproducible, and I believe it still contains binary blobs.
You can download Signal APK directly from their website.
if i remember correctly, it would be E2EE (WhatsApp and Messenger are too) but Meta stores the encrypted message on their server
Signal does not care about “market share”, they’re a non-profit.
Them being nonprofit has nothing to do with the pursuit of marketshare. Plenty of nonprofits want to maximize marketshare. Them being nonprofit means they are mission-driven.
And what is that mission?
Per the Signal Foundation’s website:
Um, of course it does? LOL
Let’s talk about what the opposite of their mission is: Mainly operating as a source of data collection and revenue for a corporate surveillance and advertising agency.
Do they want more users? Sure. Are they going to compromise on their core principles out of convenience for their users? Abso-fuckin-lutely not.
There’s also the opposite to consider: that users would decide to use WhatsApp instead of Signal because they can, which then puts you in the uncomfortable position I find myself in often where I have to tell people I’m not accepting their messages from insecure platforms.