lemmeBe@sh.itjust.works
on 22 Oct 18:42
nextcollapse
Of course not. And the often repeated “they use Signal protocol” means diddly squat because the code is closed source. They took Signal protocol at some point, forked it and did good knows what with it since experts cannot review it. 🙄
The server doesn’t need to know or keep track of who’s sending a message to deliver it. If you don’t trust signal to not lie to the court about not collecting such metadata, I can’t convince you otherwise. But there’s a merit in designing your system so that such collection is as hard as possible.
Are you’re familiar with how singal’s servers work? Even I can think of a system where all messages are collected in a common pool before being distributed, the actual security researchers that made signal surely thought of something better.
How does FISA make it legal for singal to lie to a court about what information they have? Please enlighten me
I guess that’s right. Although I’m (most likely) not a person of interest for any secret service. But the data could be interesting for marketing and insurance companies.
And it has its own rules and policies for what is shared with other Meta business units.
Google has spell out the same. Just because you provide data like location to one Google service doesn’t automatically mean every other Google service can access it.
And they can’t just change their internal data policies however they like as some of this is governed by legal regulations.
Here’s a a story about how Google is not allowed to share data across business units without user consent, at least in the EU.
Meta acquired WhatsApp and somehow hasn’t messed it up yet. WhatsApp has always been fairly good with privacy and doesn’t share much with other Meta apps as far as I’m aware.
schizo@forum.uncomfortable.business
on 22 Oct 17:13
collapse
Oooor it’s a change being made by Meta to ensure that all your contact details are entered into a platform owned by them (since the underlying phone OSes have made scraping that data harder in recent versions), so they can more efficiently mine your data so Zuck can afford another yacht.
I’d like to think it’s a user benefit, but I mean, historically… it wont’t be. (Yes they claim it’s encrypted, but I don’t trust Meta one bit to still not have some way to use this data for their benefit.)
I’d like to think it’s a user benefit, but I mean, historically… it wont’t be. (Yes they claim it’s encrypted, but I don’t trust Meta one bit to still not have some way to use this data for their benefit.)
Eh, I would actually believe this is purely user driven. Their solution doesn’t sound like it will work differently in Europe vs the rest of the world, and if their claims about it being encrypted and only user accessible are true, there is fundamentally no benefit to them from a data harvesting stand point.
They also face a lot of competition in the messaging space, moreso than any of their other apps, which will generally incentivize them to be more user focused.
It’s reasonable not to trust them, but they could get in serious legal trouble if they are claiming the data is encrypted and they can’t access when in fact they can.
WhatsApp has a different business model. There are a lot of businesses on the platform and businesses are charged to do business messaging with users.
In some parts of the world WhatsApp has become a somewhat essential part of life so plenty of businesses what to participate and access the users there.
How Meta got into that position involved zero-rating— a practice where they work with ISPs to make sure there are no data fees to access WhatsApp.
While free seems good, the practice allowed WhatsApp to quickly dominate, crowd out competitors and make itself essential.
“What makes a zero-rating practice, like that of WhatsApp in Brazil, particularly threatening to human rights is when it is the only economically viable option for internet access in a society. In Brazil, as an internet connection can swallow up to 15% of the household income, users rely on these practises. As Professor Belli points out that economically, no other opportunity exists to assess the information being presented.”
HootinNHollerin@lemmy.world
on 22 Oct 18:34
nextcollapse
They already grabbed the data when you gave them access to your contacts with their current model.
That’s what confuses me, I’m not seeing what their benefit is in this. They have one, and I’m sure it’s nefarious, but I don’t see it.
Evil_incarnate@lemm.ee
on 23 Oct 18:43
nextcollapse
Everyone I know has their contacts backed up to google or apple. Enter your account and password into your new phone and your contacts are there. Zero benefit.
Please, for the love of my sanity, make it shut up about backing up my whatsapp chat history. I said no. I mean no. Stop asking. There’s nothing in there I cherish. I don’t care that you have a problem backing up the nothing I chose to the nowhere i configured; just stop.
threaded - newest
Encrypt them?
They already are.
So meta doesnt know who and when you are talking to?
They cannot see phone numbers of contacts, no.
Is the code open ?
Of course not. And the often repeated “they use Signal protocol” means diddly squat because the code is closed source. They took Signal protocol at some point, forked it and did good knows what with it since experts cannot review it. 🙄
No. The Signal app offers similar functionality to WhatsApp core features and is open.
Signal leaks meta data lol
I don’t think so. Metadata is unencrypted (i.e. your contacts, who sends messages to whom and how often and when).
Messages itself are encrypted.
Am I wrong?
It uses signal Protocol so it has the same design defect for leaking meta data.
Both know who and when you are talking too. And thats really all the data the security apparatus cares about.
Is that really how it works? I thought signal protocol was about just how the encryption worked, not what is encrypted?
I am not following this.
Content of msg is encrypted and everything within but signal server knows when you talk to your girl becuase the server has to route it.
So anytime you initiate a chat, they know that yall doing something.
This meta data is what the game is all about tho.
and yet the only thing they provide upon a court request is the last time you were online and the date you created your account signal.org/bigbrother/
That's for a generic court. FISA court order would never see a light of day and they would not waste that being exposed to the public.
They have technical capability to collect this meta data, that's a fact.
We know that that for purpose of this court case they either did not or are under order to not disclose.
If security apparatus want this information, they can get it. Do you really think singal will say know and violate US law?
The server doesn’t need to know or keep track of who’s sending a message to deliver it. If you don’t trust signal to not lie to the court about not collecting such metadata, I can’t convince you otherwise. But there’s a merit in designing your system so that such collection is as hard as possible.
Bad analysis
Server knows each time you engage a person and who you are enaging. This is the meta data thats need for creatijg cohort groups
Also, you dont seemt to under how FISA order would work vis-a-vis regular court proceedings.
Are you’re familiar with how singal’s servers work? Even I can think of a system where all messages are collected in a common pool before being distributed, the actual security researchers that made signal surely thought of something better.
How does FISA make it legal for singal to lie to a court about what information they have? Please enlighten me
I guess that’s right. Although I’m (most likely) not a person of interest for any secret service. But the data could be interesting for marketing and insurance companies.
That is what the article is explaining. The contact names and details are encrypted.
engineering.fb.com/…/ipls-privacy-preserving-stor…
Perhaps the call times are exposed but it seems it would be difficult or impossible for them to connect this with a human identity.
Use Signal if you have concerns about WhatsApp.
Thanks.
The planned improvements are a good thing. I thought we talked about the status right/ until now.
Also: What does it mean then Meta (the company) isn’t eager to collect this data (anymore)? This doesn’t fit my world view of this company.
They don' want to moderate contents of your convos, it got expensive.
They are still mining the meta data to create cohort groups.
Where is the evidence of Meta mining WhatsApp metadata?
If it is happening, meta has it
Here WhatsApp spells out what it shares with Meta:
faq.whatsapp.com/1303762270462331
Whatapps is meta
WhatsApp is a Meta business unit, yes.
And it has its own rules and policies for what is shared with other Meta business units.
Google has spell out the same. Just because you provide data like location to one Google service doesn’t automatically mean every other Google service can access it.
And they can’t just change their internal data policies however they like as some of this is governed by legal regulations.
Here’s a a story about how Google is not allowed to share data across business units without user consent, at least in the EU.
theverge.com/…/google-digital-markets-act-service…
And tiktok promised to not send data back to china... It did.
And meta got caught sharing whatsapp data too
So did google
And then you come here with this clown 🤡 analysis?
How naive is u? Wtf
Do you reallt trust what a company says?
Meta acquired WhatsApp and somehow hasn’t messed it up yet. WhatsApp has always been fairly good with privacy and doesn’t share much with other Meta apps as far as I’m aware.
https://www.wired.com/story/whatsapp-facebook-data-share-notification/
Why is u lying?
Is this deshittification?
Oooor it’s a change being made by Meta to ensure that all your contact details are entered into a platform owned by them (since the underlying phone OSes have made scraping that data harder in recent versions), so they can more efficiently mine your data so Zuck can afford another yacht.
I’d like to think it’s a user benefit, but I mean, historically… it wont’t be. (Yes they claim it’s encrypted, but I don’t trust Meta one bit to still not have some way to use this data for their benefit.)
Eh, I would actually believe this is purely user driven. Their solution doesn’t sound like it will work differently in Europe vs the rest of the world, and if their claims about it being encrypted and only user accessible are true, there is fundamentally no benefit to them from a data harvesting stand point.
They also face a lot of competition in the messaging space, moreso than any of their other apps, which will generally incentivize them to be more user focused.
It’s reasonable not to trust them, but they could get in serious legal trouble if they are claiming the data is encrypted and they can’t access when in fact they can.
WhatsApp has a different business model. There are a lot of businesses on the platform and businesses are charged to do business messaging with users.
In some parts of the world WhatsApp has become a somewhat essential part of life so plenty of businesses what to participate and access the users there.
How Meta got into that position involved zero-rating— a practice where they work with ISPs to make sure there are no data fees to access WhatsApp.
While free seems good, the practice allowed WhatsApp to quickly dominate, crowd out competitors and make itself essential.
humanrightspulse.com/…/is-zero-rating-a-threat-to…
“What makes a zero-rating practice, like that of WhatsApp in Brazil, particularly threatening to human rights is when it is the only economically viable option for internet access in a society. In Brazil, as an internet connection can swallow up to 15% of the household income, users rely on these practises. As Professor Belli points out that economically, no other opportunity exists to assess the information being presented.”
Don’t use meta anything
I agree and practice this, but also impossible in some parts of the world. Luckily not in Canada, the US, or Japan. Sorry, other places.
So the bottom line is don't use WhatsApp contacts manager? Got it.
OH BOY THAT SOUNDS SWELL AND DEFINITELY NOT A DATA GRAB
They already grabbed the data when you gave them access to your contacts with their current model.
That’s what confuses me, I’m not seeing what their benefit is in this. They have one, and I’m sure it’s nefarious, but I don’t see it.
Everyone I know has their contacts backed up to google or apple. Enter your account and password into your new phone and your contacts are there. Zero benefit.
Please, for the love of my sanity, make it shut up about backing up my whatsapp chat history. I said no. I mean no. Stop asking. There’s nothing in there I cherish. I don’t care that you have a problem backing up the nothing I chose to the nowhere i configured; just stop.
I said yes and now I get a backing up bar in my notification tray that rushes to ~90% and then hangs for the day. Finishes in time to start again