homesweethomeMrL@lemmy.world
on 17 Oct 2024 15:37
nextcollapse
😱
blackfire@lemmy.world
on 17 Oct 2024 18:32
nextcollapse
Shocked I tell you. They were fingerprinting all along.
idunnololz@lemmy.world
on 18 Oct 2024 00:05
collapse
I think you might have misread the article (or maybe I have?). I think the article is saying that other people (a 3rd party that is not Meta) can use some metadata clues to puzzle out which OS a user is using WhatsApp from. The article then says this is bad because an attack can target specific OSes or tailor their attack to the user’s OS. Eg. Hacker has an evil link that abuses an exploit on Android only. They can figure out who is signed into WhatsApp on android and only send those people the evil link.
blackfire@lemmy.world
on 18 Oct 2024 08:05
collapse
I read it, I just believe that meta knew what they were doing. I also believe there are other fingerprints they are using while hiding behind the whisper protocol to say they are e2ee.
idunnololz@lemmy.world
on 18 Oct 2024 13:10
collapse
Oh it’s really easy to fingerprint a device on Android so I’m 99% sure they are fingerprinting you in one way or another. But this seems to be an overly complicated way of doing it. It does really just seem like an unintentional design flaw.
threaded - newest
😱
Shocked I tell you. They were fingerprinting all along.
I think you might have misread the article (or maybe I have?). I think the article is saying that other people (a 3rd party that is not Meta) can use some metadata clues to puzzle out which OS a user is using WhatsApp from. The article then says this is bad because an attack can target specific OSes or tailor their attack to the user’s OS. Eg. Hacker has an evil link that abuses an exploit on Android only. They can figure out who is signed into WhatsApp on android and only send those people the evil link.
I read it, I just believe that meta knew what they were doing. I also believe there are other fingerprints they are using while hiding behind the whisper protocol to say they are e2ee.
Oh it’s really easy to fingerprint a device on Android so I’m 99% sure they are fingerprinting you in one way or another. But this seems to be an overly complicated way of doing it. It does really just seem like an unintentional design flaw.
If they fix it and randomise then I’d say you’re right. But from the article they didn’t say they would.
What oh my god, you mean Facebook was violating my privacy? I never would have guessed. /s
This is why I stopped using any product associated with their company in 2018 and have never gone back.