• helenslunch@feddit.nl
    link
    fedilink
    English
    arrow-up
    27
    ·
    edit-2
    8 months ago

    WhatsApp uses the open-source Signal protocol

    Why are people always saying this when we have absolutely no way to verify that that’s true?

    • smeg@feddit.uk
      link
      fedilink
      English
      arrow-up
      22
      ·
      8 months ago

      Because they say they do and nobody’s yet proven that they don’t. But your point is of course valid: closed source security is nothing more than trust me bro.

      • sic_1@feddit.de
        link
        fedilink
        English
        arrow-up
        3
        ·
        8 months ago

        Apart from that I don’t get why they make that argument. If that sounds good to you, use Signal.

        • smeg@feddit.uk
          link
          fedilink
          English
          arrow-up
          1
          ·
          8 months ago

          WhatsApp’s main resource is that they grabbed more than a billion users before Facebook took over. Saying “look how secure we are” makes the casual user think there’s no need to change.

    • Dark ArcA
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      8 months ago

      It should be provable they use the protocol. That’s what goes over the wire and it can be observed.

      What’s not provable is that there isn’t a backdoor in the app that allows specific users to be targeted.

      Similarly, it’s not provable that there isn’t some client side scanning technology.

      Furthermore, it would be difficult to prove that Whatsapp doesn’t send some data back to Meta for all users masked as part of some other network operation.

      I suspect any backdoor that happens for all users or regularly would’ve been detected, but that still doesn’t mean it’s safe.

  • Seven@feddit.de
    link
    fedilink
    English
    arrow-up
    26
    arrow-down
    1
    ·
    8 months ago

    Could taking a bath in burning gasoline be dangerous?

  • encode8062@lemmy.one
    link
    fedilink
    English
    arrow-up
    14
    ·
    8 months ago

    They recommend telegram as a privacy friendly alternative to WhatsApp? Isn’t this wrong? There is no E2EE by default or in groups…

    • Cait@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      8 months ago

      Don’t rush the boomers, they barely gotten to know whatsapp and vaguely heard of telegram, you are scaring them with your funny words

  • fluckx@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    ·
    8 months ago

    I honestly wouldn’t send private content over WhatsApp or telegram.

    If the private photos you are talking about are of sexual nature I would advise against taking them in the first place. While the laws are improving around them to make distribution punishable( in some places ), you honestly can’t tell what will happen once you send it.

    People can take screenshots, save it, take a picture with a different device, … Sure, some apps prevent it, but they can’t block external devices.

    Even if the receiver saves the picture in a personal cloud archive he can still get hacked and lose it. Or somebody finds them on his device that he sent in for repair.

    If you do decide to send sexual private images. Make sure you’re not identifiable ( face, tattoo, … ). If itnxould be anyone and it leaks, it still sucks. But at least nobody really knows it is you.

    I have no idea what software I’d use. But definitely not something owned by meta or Microsoft/google/Amazon. I have reasonable faith in signal. And I suppose running your own matrix server works. While you can’t control what they do with it once received, you can at least be sure it’s scrubbed off your server.

    While the person you’re sending them to totally wouldn’t do it right now. Always assume people are petty and will do it once you get in a big argument. Or sometimes we all have bad judgement calls and people are assholes.

    If the kind of photos you’re talking about are non-sexual but just family photos and the like. I’d share the photos through a photo library. Like a photoprism you manage.

    Note: I’m not judging. Just be careful who you send which pictures.

        • EmperorHenry@infosec.pub
          link
          fedilink
          English
          arrow-up
          2
          ·
          8 months ago

          Session comes with its own anonymity network…you sometimes need a VPN to access it, but still.

          And even though there’s no quantum encryption on it yet. Whoever would try to use a quantum computer to break in would still need to use it for quite awhile on hundreds of different servers each processing thousands of different people’s traffic at any time.

    • alphafalcon@feddit.de
      link
      fedilink
      English
      arrow-up
      3
      ·
      8 months ago

      Not the only one.

      Threema is decent, too. Crypto is comparable, and allows signups without email or phone number. It’s a paid app, though, but anonymous purchase options are available.