Two questions.

My family insist on using Whatsapp for the family chats. I have to keep a copy on a device just so I can communicate with them. I do so under protest, as I was always told it isn’t secure. My brother has just said

“oh Whatsapp is encrypted, it’s perfectly secure”.

First, is it actually as encrypted and safe as my brother claims? That would solve everything.

Second, if it isn’t, where can I get some proof that we should switch to Telegram or whatever? Proof which doesn’t make me look like a raving loony?

  • Otter@lemmy.caEnglish
    101·
    1 year ago

    My understanding is that it IS encrypted, and its supposed to use the Signal protocol (Signal developed it and released it for others to use)

    The problems are with

    • metadata (like the other comment explained)
    • closed source, so we take their word on it for how it works and that they’re not found anything misleading or shady

    See this image from a few years ago:

      • Thisfox@sopuli.xyzOP
        02·
        1 year ago

        I have been using Telegram for… A really long time. A decade? Maybe not that long. But yeah, no reason to change from what works for me. You’re right about that.

        Signal and Matrix(?) and the others all seem to be a recent development, and although I have downloaded a few, no one else has them or has heard of them, so their directories are empty as I have never found anyone who wants to connect that way. It means I don’t know how to use or teach older people how to use the software. I am trying to find a simple evidence-based way to encourage my family to change their minds, but it appears it will only make me look paranoid, so probably won’t try.

    • jet@hackertalks.comEnglish
      14·
      1 year ago

      Corporations love to lie with almost truths, or incomplete truths. So sure it might be end-to-end encrypted between two users, and each message is also signed with a special key that the corporation can view, or that some trusted third party carnivore system could view. That means they didn’t lie, it is end to end encrypted, it’s just three-way encrypted instead of two-way encrypted.

      Or it is end-to-end encrypted across the network, but the edge devices, ie the phones, have search capabilities built into them to deliver the messages back to the organization based on some match capability.

      And as other people indicated, closed source you don’t know what’s happening, you don’t know what’s changing, you just don’t know