Privacy

31803 readers

345 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

Is WhatsApp bad for privacy? (lemm.ee)

submitted 1 year ago by [email protected] to c/[email protected]

61 comments fedilink hide all child comments

And if so, why exactly? It says it's end-to-end encrypted. The metadata isn't. But what is metadata and is it bad that it's not? Are there any other problematic things?

I think I have a few answers for these questions, but I was wondering if anyone else has good answers/explanations/links to share where I can inform myself more.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 18 points 1 year ago (2 children)

It might be E2EE but it's not encrypted on your phone and it's closed source. How do you know they don't send the conversation data to their company? How do you know they don't get the encryption keys to decipher the messages for them?

[–] [email protected] 5 points 1 year ago

How do you know they don't get the encryption keys to decipher the messages for them?

My guess is that they just capture keywords before you send it. They don't need to read the contents of the sent conversation when both parties to the conversation are using an app they own. They can detect keywords before sending, log and report them, then send the message encrypted. No need to retain encryption keys since they already extracted what they want.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

Other apps may have code published in a repository, but the path from repository into the Play Store onto my phone is not clear. How do I know that they don't add extra tracking code on top during the build and release to the Play Store? With for example a popular alternate app, Signal?

[–] netchami 4 points 1 year ago

You don't have to use the Play Store. You can either compile Signal yourself or use a trustworthy 3rd party build of Signal. Personally, I use Molly. It's Signal for Android but with some neat tweaks. It's not even available on the Play Store, it's exclusive to F-Droid and Accrescent. You can't do any of this with proprietary garbage like WhatsApp. Neither can you modify it to add features, nor can you look at the source code or compile it yourself.