this post was submitted on 25 Oct 2024
20 points (83.3% liked)

Privacy

32165 readers
226 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I have to use Whatsapp, unfortunately. Are there any good alternatives to the default app on Android?

I'm worried about all the data it shares with Meta. I denied all permissions but this makes it less convenient, and the app probably still sends over the data that available without them.

all 38 comments
sorted by: hot top controversial new old
[–] [email protected] 12 points 1 month ago (2 children)

I only know you can use it via Matix with a bridge, but the setup is quite involved, not just an App on your phone. Plus the metadata is still shared with Meta, like who you talked to and when, which they can build a profile and a social graph.

[–] [email protected] 9 points 1 month ago (1 children)

This is true.

I use WA via the Matrix bridge. WA requires the official mobile app (not web) to connect every 14 days, so you need to have it on a separate profile, a spare phone or do a complicated Android emulator setup... To be usable you need to allow the WA app access to your contacts, which results in Meta getting just about the same metadata from you it would via using the official app.

If I wasn't using Matrix for other things like notifications from servers, I wouldn't bother with this. The only upside is having only one app for messaging. The bridge system itself works really well, nothing bad to say there.

[–] [email protected] 1 points 1 month ago (1 children)

complicated Android emulator setup

Wait, so a normal stock Waydroid/Bliss/Android-x86 wouldn't work? They need some extra settings?

[–] [email protected] 2 points 1 month ago

It might work, I haven't tried. But I think that's also quite complicated for most people.

I've also heard quite a few people getting their number banned by only running in an emulator. If it's an older WA account, it's probably safe, but I wouldn't do it on a fresh number.

[–] [email protected] 2 points 1 month ago (1 children)

I used a setup like that, but there were 2 things that I didn't like

  • I had to keep Whatsapp on my phone and open it every 2 weeks, because without it the bridge would just die (so why not just use it anyway?).
  • The app I had used a lot off battery, which was a dealbreaker for bike/backpacking trips.
[–] [email protected] 1 points 1 month ago* (last edited 1 month ago) (1 children)

When was this?

I've been using WA through a matrix bridge over a year, and I don't think I've opened the WA app since setting it up. I do have to keep it installed, and allow it to run in the background.

It, or my matrix app, doesn't seem to significantly drain my battery more than normal.

Is the once every two weeks thing an old requirement? I've never needed to deal with something like that.

[–] [email protected] 1 points 1 month ago (1 children)

This summer? I disabled the WA app on my phone, though, so there was no background activity.

My matrix app (an Element fork) had several bridges and multiple chats, I feel like they were all synching in the background. I haven't noticed that when I was at home, but when I was camping, battery going from 100% in the evening down to 70% in the morning was a problem.

[–] [email protected] 1 points 1 month ago* (last edited 1 month ago) (2 children)

How did that even work at all? All activity goes THROUGH the WA app. WhatsApp only allows one real client to be connected, all other clients (other devices with the app linked to the first device, bridges, whatsapp web sessions, etc. they all still go through your "main device"). If you turn your "main" phone with the whatsapp app off, for example, all others stop working.

Looking it up, the bridge connection expires without activity at least every fourteen days to keep your account active in general. As long as you allow the app to run (which it has to do anyway, because that's how WA works) it'll do that on it's own I think, no need to open it every fourteen days. Or at least, I've never had to. My bridge connection is literally over a year old, and I've definitely gone months without opening the actual WA app in that time.

I run my own instance and bridges.

I use fluffychat on mobile. Though I also have element installed as fluffy doesn't support all message types, and has some bugs despite the nicer (imo) UI.

As for the battery drain of element, that's something you'll have to look into yourself. One of my own qualms with matrix atm is that there's no really excellent mobile client for it... It's all kinda meh. There's element which is feature complete but has a bunch of issues, or there's stuff like fluffy, which is nicer, but not feature complete, and still has issues.

[–] [email protected] 2 points 1 month ago (1 children)

The official app doesn't need to be running constantly. It only needs to connect to Meta's servers once every 14 days.

The Mautrix-Whatsapp bridge will send a notification couple of days in advance to warn you if the main device hasn't been active.

[–] [email protected] 1 points 1 month ago

Read further into the thread.

[–] [email protected] 1 points 1 month ago (1 children)

Look up “Beeper”. It's not about privacy, rather about convenience. They run bridges for you. Nothing went through the main app, but I had to authorize Beeper through WA as a separate session. It would die in 2 weeks with WA disabled, like I said, but I guess if I kept WA enabled this wouldn't have happened.

[–] [email protected] 2 points 1 month ago* (last edited 1 month ago) (1 children)

You are mistaken.

I know it's about convenience. That still isn't how whatsapp works.

Using WA you cannot be logged in on more than one device. If you do log in for real, the previous device stops working. All additional devices have to be linked to the first one, and they access the service through that one main device.

You can't use secondary "linked" devices or sessions if the main device is off. Try it. Open whatsapp web, login, then turn off your phone. The web session will stop working until you turn the phone back on, because it doesn't actually connect to WA, it connects to your phone. Only your phone is what is actually connected to WA servers.

All "linked" devices/clients/bridges work this way. All available whatsapp bridge software works by pretending to be an additional "device", and as such suffers all the same limitations.

And Beeber doesn't do anything special, their systems are based on matrix. In fact I'm literally running the exact same bridge software they do.

Edit: Something has changed. This used to be true. Somewhere along the years WA has significantly changed how their systems work. I can only assume they buffer activity for 14 days and somehow defer the synchronization of content with the main client, because all the same limitations of devices being subordinate to a main session apply.

The most mind-boggling is the alteration that multiple client devices are now allowed, but also not really.

And they still require that user history be monolithically stored by the user, on their MOBILE device. And the only way to have a backup is through their backup solution, and god-forbid you press the wrong button when setting up a new device, because not restoring when the one chance is given, means everything is gone forever.

The main reason I use whatsapp via a bridge, is to have my message history stored on a proper server, so I don't have to do the restore backup BS whenever I switch devices. I just re-link the bridge and go.

[–] [email protected] 1 points 1 month ago

This is a good little story, I enjoyed reading it :)

Yes, having message history and a good desktop client are great benefits of a bridge.

[–] [email protected] 7 points 1 month ago (1 children)

Afaik there were some custom clients for it in the past but WhatsApp broke them at some point. They even randomly ban phone numbers of those who try to use the official app on a custom Android ROM. Unfortunately the most you can do is get a separate physical device just for it.

[–] [email protected] 4 points 1 month ago (1 children)

Really? Romming since they day it existed, never had a problem with it

[–] [email protected] 2 points 1 month ago

Not everyone gets banned but some people do. I've seen a lot of cases in my phone's support group on Telegram.

[–] [email protected] 6 points 1 month ago* (last edited 1 month ago)

Auto reply with Watomatic and always real reply late on WhatsApp:

🤖 Automated Reply

💬 I reply faster on example.org

⁉️ WhatsApp is anti-libre software. We do NOT control it. It withholds a libre software license text file, like GPL.
[–] [email protected] 3 points 1 month ago

The solution is to not be available in the first place... can I have your number? nope don't have one ... So how can we keep in touch we can't ... There's this thing called simpleX I once in a blue moon check if you want to try ... Convinced one friend till now ... He doesn't answer on it :( Hope to meet you in person one day would be a nice to knew someone privacy aware

[–] [email protected] 3 points 1 month ago (1 children)

Let's say there was a perfect API present and WA allowed you to use a completely FOSS app witch didn't share any data with FB. But still FB will know everything they can still access all the metadata like earlier. The only thing they can't access is analytics data but that can be easily blocked by DNS. And as far as Add ID goes use graphene OS it protects against that by giving each app different ID. So even if FB collaborated with other services to collect data as they do they won't be able tie all back to you.

[–] [email protected] 4 points 1 month ago

I guess the stuff I was worried about was contact list sharing, Google Advertising ID, installed app list, and who knows what else a native app can access. Good to know that Graphene has that protection, I guess I'll worry less about using WA.

[–] [email protected] 3 points 1 month ago

WhatsApp bridge on a matrix server self hosted is prolly as good as it gets. Run Android on a VM for the WhatsApp Android app on it

[–] [email protected] 1 points 1 month ago* (last edited 1 month ago) (1 children)

No.

There is no public API (nor any efforts to reverse engineer the one used by the official app afaik). WA is also client to client encrypted, meaning all your messages are only ever stored in one "main" installation of the official app, as well as in a backup file that whatsapp will put on either your google or apple cloud storage.

All the alternative apps/bridges for interacting with WA use the Whatsapp Web API to talk to your main client, which in turn talks to WA. There is no way around using the main whatsapp app, everything else still has to be used through it.

[–] [email protected] 2 points 1 month ago (1 children)

I've seen WA mods (basically rebuilt .apk files), but I don't know much about them, and therefore they seem shady.

[–] [email protected] 1 points 1 month ago

Ah. I guess you might remove some metrics or some such that way, but that's not a very transparent way to achieve that unless you dig in personally.

[–] [email protected] 1 points 1 month ago

Wasn't there eu regulations in the making that were about standardisation of messing protocol that would make messaging apps interchangeable?

[–] [email protected] 0 points 1 month ago (1 children)
[–] [email protected] 4 points 1 month ago (1 children)

This and the automated reply achieve precisely nothing you're setting out to do. People won't register in a service or install a new app solely to talk to you.

[–] [email protected] -1 points 1 month ago* (last edited 1 month ago)

Wrong, they already have. What are you doing wrong?