You are viewing a single thread.
View all comments View context
49 points

The loophole in WhatsApp’s end-to-end encryption is simple: The recipient of any WhatsApp message can flag it. Once flagged, the message is copied on the recipient’s device and sent as a separate message to Facebook for review.

That practically applies to every form of digital communication. Sender/recipient has it on their end unencrypted and passes/leaks it on elsewhere

permalink
report
parent
reply
35 points

Once a review ticket arrives in WhatsApp’s system, it is fed automatically into a “reactive” queue for human contract workers to assess. AI algorithms also feed the ticket into “proactive” queues that process unencrypted metadata—including names and profile images of the user’s groups, phone number, device fingerprinting, related Facebook and Instagram accounts, and more.

Does this also happen?

permalink
report
parent
reply
5 points

Fucking woof

permalink
report
parent
reply
4 points

Please elucidate.

permalink
report
parent
reply
4 points
*

Pretty sure the more user / privacy friendly options prevent screenshots or copying from an encrypted chat, and also allow the participants to delete their messages after they were read or even a set time.

permalink
report
parent
reply
20 points

prevent screenshots or copying from an encrypted chat

Aside from the obvious analog hole, that’s only possible if the user’s device cooperates, which is never guaranteed.

There is no way to send messages to someone’s device and guarantee they won’t provide them to a third party. Technology can’t force an untrustworthy person to keep your secrets.

Signal does not attempt to stop me from taking screenshots, and all chats on Signal are encrypted.

permalink
report
parent
reply
3 points

You have some good points. I’m curious about the scenario where you need encrypted communications with an untrusted party.

I guess if you are leaking insider information to the press and need to be anonymous, but then use an anonymous account. Why would you need to send information to someone but not trust them to use the information responsibly?

permalink
report
parent
reply
18 points

Restricting screenshots is laughable security. If you can read a message then you can take a picture with a second device, there isn’t any software that can stop that.

Preventing screenshots can stop accidents and make someone think twice about it, and disappearing messages prevents returning later and looking them up, but that’s it.

permalink
report
parent
reply
7 points
*

Well yes obviously nobody can prevent the recipient from taking a picture of the screen with a second device or writing down manually what the message said.

No system is foolproof, but those features are definitely miles ahead of anything meta provides, since they dont actually want those chats to be encrypted. They want that data, it is their business model.

permalink
report
parent
reply

Privacy

!privacy@lemmy.ml

Create post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

Community stats

  • 5.5K

    Monthly active users

  • 1.8K

    Posts

  • 27K

    Comments