216
submitted 6 months ago by cypherpunks@lemmy.ml to c/privacy@lemmy.ml
all 30 comments
sorted by: hot top controversial new old
[-] stuckgum@lemmy.ml 48 points 6 months ago

Please don’t use WhatsApp or anything FB related

[-] original_reader@lemm.ee 22 points 6 months ago
[-] fernandu00@lemmy.ml 24 points 6 months ago

Yeah..in my country it's almost mandatory to have it or you won't talk to anybody..it's the only message app most people know.. It's like windows to operating systems..people just use it and ignore that there are different ways to communicate. I tried to use other apps like telegram or signal ..nobody wants a second app to send messages..too much trouble

[-] ZeroHora@lemmy.ml 11 points 6 months ago

Brazil right? Even the government runs on that shit, is inescapable

[-] fernandu00@lemmy.ml 5 points 6 months ago
[-] fernandu00@lemmy.ml 1 points 6 months ago
[-] plant_based_monero@lemm.ee 15 points 6 months ago

I live in a whatsapp dominated country and I have tried to move people to signal time and time again, not even the tech savy will try it. I had signal for over two years and I dont have anyone to talk to

[-] variants@possumpat.io 5 points 6 months ago

Do you guys not have sms messaging, if someone I know doesn't have signal we just text them the old fashioned way

I got my brother to switch from what's app to signal finally then we got our friends who are brothers to join us, then my brothers older friends who are in the same circle joined in, then our parents recently as well. Now I'm working on getting my wife's family to let go of what's app. My wife's brother married a Brazilian ladies so he got them all on the what's app

[-] possiblylinux127@lemmy.zip 3 points 6 months ago

Damn, keep trying. You just need to wait and keep bringing it up when it is relevant.

[-] crispy_kilt@feddit.de 2 points 6 months ago

Wanna talk to me? We can exchange usernames

[-] jjlinux@lemmy.ml 1 points 6 months ago

I know your pain all to well, but when I figured my mental health and privacy were at risk, I just took the leap. It is not an easy choice. Having said that, think about these benefits:

  • from your "inner circle" those who really want to keep in touch won't mind installing another app. This give you a broader view of just how important you and what YOU consider your well-being is to each of those people.
  • may not feel that way at first, but after a few days you will start feeling refreshed by having reduced notifications dramatically. This helps for focusing on whatever you enjoy.
  • the knowledge that you're giving a tech giant less, or even nothing, is an epic feeling that can only be experienced, not described.

I also live in a country made to be driven by Meta and all its crap by the population, so much so that even the oldest and largest corporations, banks and stores have all but abandoned their websites, and handle everything over WhatsApp for transactions, and Instagram and Facebook for publicity and offers. Some of these sites have not been updated in over 10 years, and good luck getting them to reply to an email and God forbid, picking up a phone.

I've been out of that environment for almost 10 years now, and all it's done for me is make me happier, save money and give me plenty of time for video games without being disturbed.

Try it, let everyone know you're moving to (insert name of alternative and privacy focused app) and will be eliminating your WhatsApp in (whatever amount of time). Then, after the first week, disable all notifications on WhatsApp, and just check it when you feel like it. I'm not going to tell you to stop replying to people, but take longer (12 hours, 2 days, whatever you can handle) and when they ask what took you so long, just tell them what you think about WhatsApp, and that you're easier to reach on the other app. If at the end you're not comfortable, just don't eliminate WhatsApp and keep it, it's not going to harm anyone (other than your privacy, of course), and you still walk out having at least tried.

Full disclosure, I'm not young anymore, will be 50 soon, so understand that I'm in a point in life where I don't want more people in my life, I want less 🤣🤣

[-] Unskilled5117@feddit.de 26 points 6 months ago* (last edited 6 months ago)

Tldr: This is a traffic analysis attack, it exposes metadata without help or access to data from whatsapp. Other messengers are vulnerable too. It requires vast resources and access only governments have. It is not a threat model that todays messengers defend against.

The interesting part of the article ist the last one.

According to the internal assessment, the stakes are high: “Inspection and analysis of network traffic is completely invisible to us, yet it reveals the connections between our users: who is in a group together, who is messaging who, and (hardest to hide) who is calling who.”

The analysis notes that a government can easily tell when a person is using WhatsApp, in part because the data must pass through Meta’s readily identifiable corporate servers. A government agency can then unmask specific WhatsApp users by tracing their IP address, a unique number assigned to every connected device, to their internet or cellular service provider account.

WhatsApp’s internal security team has identified several examples of how clever observation of encrypted data can thwart the app’s privacy protections, a technique known as a correlation attack, according to this assessment. In one, a WhatsApp user sends a message to a group, resulting in a burst of data of the exact same size being transmitted to the device of everyone in that group. Another correlation attack involves measuring the time delay between when WhatsApp messages are sent and received between two parties — enough data, the company believes, “to infer the distance to and possibly the location of each recipient.”

Today’s messenger services weren’t designed to hide this metadata from an adversary who can see all sides of the connection,” Green, the cryptography professor, told The Intercept.

[-] Scolding0513@sh.itjust.works 22 points 6 months ago* (last edited 6 months ago)

This is a traffic analysis attack, and doesn't really have anything to do with Whatsapp specifically. The same exact thing can be done with Signal, and likely is already many times over

[-] autonomoususer@lemmy.world 9 points 6 months ago* (last edited 6 months ago)

Wrong, anti-libre software, WhatsApp, bans us from proving it's claims (E2EE ~~claims~~ lies), bans us from removing malicous source code. It is ~~vulerable~~ hostile by design.

[-] calmluck9349@infosec.pub 6 points 6 months ago

Vulnerability or feature? Lol

[-] lord_ryvan@ttrpg.network 6 points 6 months ago* (last edited 6 months ago)

TL;DR meta data isn't encrypted and read by “government agencies”. Probably Israel, but they're not saying with certainty which agencies do.
If government agencies can read these, other groups likely can, too.

“WhatsApp has no backdoors and we have no evidence of vulnerabilities in how WhatsApp works,” said Meta spokesperson Christina LoNigro.

Your vulnerability's right there, LoNigro.
Saying “oh but it affects the other apps, too” doesn't make yours less vulnerable.

[-] pennomi@lemmy.world -2 points 6 months ago

lol not sure why you’re calling out Israel specifically when likely every government on the planet is doing the same thing.

[-] Scolding0513@sh.itjust.works 4 points 6 months ago

Israel has been the center for surveillance and intelligence tech for a long time, they are at the peak, way above the NSA. The NSA is just a bunch of code monkeys honestly, they get way too much credit

[-] lord_ryvan@ttrpg.network 3 points 6 months ago

The article is, and I'm TL;DRing the article

[-] delirious_owl@discuss.online 6 points 6 months ago

The nature of these systems is that they’re going to kill innocent people and nobody is even going to know why.

When lack of privacy is literally a death sentence

[-] possiblylinux127@lemmy.zip 4 points 6 months ago

I think the bigger vulnerability is Meta and the black box

[-] crispy_kilt@feddit.de 4 points 6 months ago
[-] rmuk@feddit.uk 1 points 6 months ago

*Whomstnt've

[-] grid11@lemy.nl 3 points 6 months ago

some interesting excerpts:

The analysis notes that a government can easily tell when a person is using WhatsApp, in part because the data must pass through Meta’s readily identifiable corporate servers. A government agency can then unmask specific WhatsApp users by tracing their IP address, a unique number assigned to every connected device, to their internet or cellular service provider account.

The assessment makes clear that WhatsApp engineers grasp the severity of the problem, but also understand how difficult it might be to convince their company to fix it.

It will be difficult to better protect users against correlation attacks without making the app worse in other ways, the document explains. For a publicly traded giant like Meta, protecting at-risk users will collide with the company’s profit-driven mandate of making its software as accessible and widely used as possible.


“WhatsApp has no backdoors and we have no evidence of vulnerabilities in how WhatsApp works,” said Meta spokesperson Christina LoNigro.

That's why you slam e2e encryption banner all over the app to make this statement even more true instead of doing an independent code review that could confirmed that on paper.

this post was submitted on 23 May 2024
216 points (98.2% liked)

Privacy

32165 readers
356 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS