Two questions.

My family insist on using Whatsapp for the family chats. I have to keep a copy on a device just so I can communicate with them. I do so under protest, as I was always told it isn’t secure. My brother has just said

“oh Whatsapp is encrypted, it’s perfectly secure”.

First, is it actually as encrypted and safe as my brother claims? That would solve everything.

Second, if it isn’t, where can I get some proof that we should switch to Telegram or whatever? Proof which doesn’t make me look like a raving loony?

  • LWD@lemm.ee
    26·
    9 months ago

    Facebook might not know the contents of the messages, but that’s all end-to-end encryption guarantees. It knows who, when, where, how, and how often… It just doesn’t know exactly what.

    Here’s a couple of extra examples to why that data, AKA metadata, can give out a whole lot of extra information about you

    https://ssd.eff.org/module/why-metadata-matters

    • PupBiru@kbin.social
      12·
      9 months ago

      i’ve seen the bullet points from that article riffed in different ways, but i think that’s the most important part:

      • They know you rang a phone sex line at 2:24 am and spoke for 18 minutes. But they don’t know what you talked about.
      • They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains a secret.
      • They know you got an email from an HIV testing service, then called your doctor, then visited an HIV support group website in the same hour. But they don’t know what was in the email or what you talked about on the phone.
      • They know you received an email from a digital rights activist group with the subject line “Let’s Tell Congress: Stop SESTA/FOSTA” and then called your elected representative immediately after. But the content of those communications remains safe from government intrusion.
      • They know you called a gynecologist, spoke for a half hour, and then called the local abortion clinic’s number later that day.
    • Brtrnd@feddit.nl
      41·
      9 months ago

      I’ve wondered if they don’t know the data. They can perfectly read the convo on your device, assign a category what you’re talking about and keeping that category. They don’t store, read, know the conversation, they only ‘analyze’ it. F.e. if you talk about planes they may assign a category travel and sell your profile to holiday companies?

      I don’t know about this, I’m just thinking that’s how I’d do it if I ran an evil corp.

      • LWD@lemm.ee
        2·
        9 months ago

        Maybe. Probably. Malicious apps don’t need to transmit everything you say verbatim, they just need to pluck out the important bits of data and send that to their servers, which is far less network intensive.

    • theskyisfalling@lemmy.dbzer0.com
      3·
      9 months ago

      Does it though when they control both ends. It is encrypted between each end which I guess secures against things like a man in the middle attack from outside parties but their app encrypts it on one end and decrypts it on the other. I have a very hard time believing that they don’t “read” your messages at some point in that process.

      • LWD@lemm.ee
        2·
        9 months ago

        Which, given the history of Facebook, is a healthy sort of skepticism to have. I’m not technically competent enough to debug a closed source application or look into its encrypted HTTPS connections, although perhaps someone else could.