Oddbean new post about | logout
 stop 👏🏻 using 👏🏻 whatsapp 👏🏻 it has been compromised since fb/meta took it over

How Facebook Undermines Privacy Protections for Its 2 Billion WhatsApp Users

"WhatsApp assures users that no one can see their messages — but the company has an extensive monitoring operation and regularly shares personal information with prosecutors."

use #simplex (more private) or #molly (a hardened fork of #signal) instead for actual e2ee messaging

#cybersecgirl #privacytechpro #facebook #meta #whatsapp #privacy #comsec #opsec #infosec

https://www.propublica.org/article/how-facebook-undermines-privacy-protections-for-its-2-billion-whatsapp-users

nostr:nevent1qqsyymrfnte87flvl7f2nmmtd5tlrmzhsyr2llv5f0ya8urv5c4dnjqpr3mhxue69uhkummnw3ezucnfw33k76twv4ezuum0vd5kzmqzyp8t3qcs666wm9wx6e4rjkea8n64nwzl4my0w6ga4l2qt2fwq4wk6qcyqqqqqqg2ptr0n 
 It's a great piece of advice, unfortunately in some places it's not applicable 😵 
 what place can you not access #simplex using a vpn with orbot/tor? 
 works in iran, china, etc. not sure about n. korea, but i assume it also needs to be downloaded before entering the country etc. 
 I say this because the use of WhatsApp is deeply rooted in certain places where it is valued how “free” it results in mobile data plans offered by telephone operators. Privacy is not a priority in those cases. 
 I just read the article.
Basically Meta can see the last 5 messages if the recipient reports the last message to Meta. The rest is end-to-end encrypted. Always.
If you send stuff to your trusted friend, Meta can't see anything unless they're not your friend and report your message to Meta.
Don't get me wrong. I haven't used WhatsApp, Fb or Instagram in years. But I think it's actually a good thing to offer a way to report illegal content.
None of that applies to FB and Instagram. They have no encryption whatsoever and all your messages are read by an AI. 
 WhatsApp currently shares certain categories of information with Facebook Companies.

“We may use the information we receive from them, and they may use the information we share with them, to help operate, provide, improve, understand, customize, support, and market our Services and their offerings, including the Facebook Company Products,” says WhatsApp.

"The information we share with the other Facebook Companies includes your account registration information (such as your phone number), transaction data, service-related information, information on how you interact with others (including businesses) when using our Services, mobile device information, your IP address, and may include other information identified in the Privacy Policy section entitled ‘Information We Collect’ or obtained upon notice to you or based on your consent," it adds.
 https://www.techradar.com/news/whatsapps-new-privacy-policy-requires-you-to-share-data-with-facebook 
 Yeah. That was actually when I stopped using WhatsApp. 
 Well I don't want to defend whatsapp , I have it restricted on graphene os work profile and I don't have meta ... However the article tells that it does not break e2e encryption and it only handle reported abuses .. 
 WhatsApp currently shares certain categories of information with Facebook Companies.

“We may use the information we receive from them, and they may use the information we share with them, to help operate, provide, improve, understand, customize, support, and market our Services and their offerings, including the Facebook Company Products,” says WhatsApp.

"The information we share with the other Facebook Companies includes your account registration information (such as your phone number), transaction data, service-related information, information on how you interact with others (including businesses) when using our Services, mobile device information, your IP address, and may include other information identified in the Privacy Policy section entitled ‘Information We Collect’ or obtained upon notice to you or based on your consent," it adds.
 https://www.techradar.com/news/whatsapps-new-privacy-policy-requires-you-to-share-data-with-facebook 
 Most people end up enabling PLAINTEXT cloud backups because the all encourages that. e2ee definitely is broken for most people 
 App" 
 App* 
 I want to follow this advice but unfortunately whatsapp is the de facto standard in the EU.
I use simpleX and molly with whoever I can but still need whatsapp in order to have any kind of social life.

I don't have any expectation of privacy when using whastapp, same as telegram. I use it to keep tabs of friends and arrange plans.

There's still things you can do to improve privacy on whatsapp:
* Don't have a facebook account
* Don't volunteer any account metadata: name, profile photo, contacts
* Disable chat backups to google drive
* Use a VPN or Orbot
* Never share sensitive data
* Don't allow anyone to add you to large groups without your consent
* Use a no-kyc phone number from silent.link

nostr:nevent1qqspw5nl8k8l9q8qn8ft5aj5eyfeytygnymrxa32yqd68hx47dtlygspz9mhxue69uhkummnw3ezuamfdejj7q3qf6ugxyxkknket3kkdgu4k0fu74vmshawermkj8d06sz6jts9t4ksxpqqqqqqzqckntu 
 Chm, for me WhatsApp is weird, not very social indeed. To the groups of friends that I have there, I sometimes post some anarchist stuff. Always total radio silence afterwards...
☺️🥱 
 But what actually is a best solution for family use? 
You know, my parents and grandparents are using WhatsApp and I use it to communicate with them. 
What is a best friendly app for old ppl with at least some security? 

I’ll try to convince them to switch, bcs WhatsApp is only my one account in Meta ecosystem.
Actually I guess still that if I have allowed to delete my data daily on WhatsApp it would not matter to security?
👀
#plebchain 
 Do even signal is on good?? 
 yes. signal is a good privacy focused option for user adoption. it requires a phone number and metadata is still visible though. simplex is more private but normies might be reluctant to use it