Type what you’re looking for and press Enter.

WhatsApp cannot be trusted; I won’t be using it much longer

I’ve been planning to stop using WhatsApp and other social media applications for a while now and a recent blog post on Forbes justifies that move even more. Here’s from “The Encryption Debate Is Over – Dead At The Hands Of Facebook” (July 26th 2019):

In Facebook’s vision, the actual end-to-end encryption client itself such as WhatsApp will include embedded content moderation and blacklist filtering algorithms. These algorithms will be continually updated from a central cloud service, but will run locally on the user’s device, scanning each cleartext message before it is sent and each encrypted message after it is decrypted.

The company even noted that when it detects violations it will need to quietly stream a copy of the formerly encrypted content back to its central servers to analyze further, even if the user objects, acting as true wiretapping service.

Facebook’s model entirely bypasses the encryption debate by globalizing the current practice of compromising devices by building those encryption bypasses directly into the communications clients themselves and deploying what amounts to machine-based wiretaps to billions of users at once.

The problem is that if Facebook’s model succeeds, it will only be a matter of time before device manufacturers and mobile operating system developers embed similar tools directly into devices themselves, making them impossible to escape. Embedding content scanning tools directly into phones would make it possible to scan all apps, including ones like Signal, effectively ending the era of encrypted communications.

Security expert Bruce Schneier had also blogged about the above article, but later published a “correction”, stating that:

Yesterday, I blogged about a Facebook plan to backdoor WhatsApp by adding client-side scanning and filtering. It seems that I was wrong, and there are no such plans.

The only source for that post was a Forbes essay by Kalev Leetaru, which links to a previous Forbes essay by him, which links to a video presentation from a Facebook developers conference.

However, he also mentions that Facebook, so far, doesn’t seem to want to release an official statement on company letterhead denying what the Forbes article mentioned:

Facebook desperately wanted to convince me to correct the record, while at the same time not wanting to write something on their own letterhead (just a couple of comments, so far).

The author of the article, Kalev Leetaru, has since updated the article with the following:

On July 25th, WhatsApp’s parent company Facebook did not dispute the characterization posed to it that it planned to “moderat[e] end to end encrypted conversations such as WhatsApp by using on device algorithms,” with the spokesperson pointing to Zuckerberg’s own blog post calling for precisely such filtering. This afternoon [August 2nd, 2019], Vice President of WhatsApp Will Cathcart contradicted this, offering “we have not done this, have zero plans to do so, and if we ever did it would be quite obvious and detectable that we had done it. We understand the serious concerns this type of approach would raise which is why we are opposed to it.” Yet asked how WhatsApp planned to meet Zuckerberg’s call for the ability to detect illegal content within its end-to-end encrypted products, including WhatsApp, without such in-client scanning […], Carl Woog, Director of Communications for WhatsApp declined to comment […].

Given that Facebook has demonstrated countless times that they lie through their teeth and cannot be trusted, the above tells me enough. Add to this the following:

Antigone Davis, Facebook’s head of global safety, told The Register: “Facebook appreciates the discussion with the Five Country Ministerial. People should expect that we will do everything we can to keep people safe on our services within the limits of what’s possible in an encrypted service. As our CEO Mark Zuckerberg promised, we’ll consult with safety experts, law enforcement and governments through 2019 and beyond on the best ways to implement safety measures before fully implementing end-to-end encryption.

Keep in mind that Mark Fuckerberg plans to integrate and unify the underlying communications technology behind Facebook Messenger, WhatsApp and Instagram too. So they’re all fucked as far as I’m concerned.

I’ve been using Windows Phone for a few years now but Microsoft has decided to stop supporting that platform by the end of this year. Consequently all the big social media platforms are also dropping support for Windows Phone. I was already planning to stop using most social media applications because of all the censorship, social engineering, security and privacy issues, and the fact that I’m soon not going to be able to use most of them on my phone will speed things up.

In the short term I’m probably going to switch from WhatsApp to using Signal (which is liked by both Bruce Schneier and Edward Snowden). And no, I’m not going to use Telegram because it doesn’t have end-to-end encryption enabled by default, although most people are fooled into thinking that it is more secure than WhatsApp.

As for other social media platforms, I won’t be on most of them for much longer. If you want to stay in touch and receive updates from me, now is a good time to subscribe to my blog using the subscription form in the footer of this page, or in the sidebar on my blog’s homepage.

Comments

There are 0 responses. Follow any responses to this post through its comments RSS feed. You can leave a response, or trackback from your own site.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.