The lawsuit cites ‘courageous whistleblowers,’ but provides no technical evidence. WhatsApp’s parent company, Meta, calls the claims ‘absurd’ and warns that it plans to countersue.
They dont have to decrypt the channel. The app just has to run a screenshot every half second or so and pass that back to an ai/ ocr and there you have it.
Surprised more people werent up in arms when ms proposed that, uh, ‘feature’ for windows.
How anyone would believe Meta wasn’t full of shit about privacy is a moron.
It has been public for a long time that they have access to your contacts and metadata (who you talk to, how much, when, from where, etc.) That was bad enough. But this is the first time I’ve heard about accessing message content. Really chilling.
The headline makes it sound like they have access to all you call, but the text make it sound like it’s just the WhatsApp calls history and contacts and that’s… obvious?
If they actually have access to message that and it is t end-2-end encrypted at all is on a whole different level.
It’s not just “Account A contacted account B.” And that’s it.
It’s more like “Account B using their Facebook profile contacted from a mobile device in Minnesota via an IP address that is known to Meta as a VPN address to connect Account A also using their Facebook profile, who answered from a laptop in Mexico City. The two communicated for 90 minutes and Account B terminated the call.”
It may not be Meta knows everything exactly but it’s a footprint they can follow.
I don’t use WhatsApp, because I’m a homebody and none of the ten people I want to talk to use it. (Plus,.meta. Ugh.)
But the test for “is their encryption good enough to keep them from reading your messages” really needs to be “can you trivially lock yourself out of sent messages”.
If it’s easy for you to set up a new device and chat with your existing contacts without manually entering a code, then it’ll be equally easy for them to set up a fake device pretending to be you and read all of the same things.
I don’t use WhatsApp, so…
I totally believe WhatsApp that it’s e2e encrypted. BUT my personal solution would be to just send chat, differently encrypted, back to WA, as the app obviously can read the chats anyway. So noone would actually lie about a working e2e.
Some companies are trying to redefine E2E as HTTPS… I doubt Facebook is that naive though.
They are probably doing the iMessage trick. The message is encrypted with “your keys”, but you can’t see your keys, and you can’t know if the survaliance key is added to your keys.
Yeah or that. Even simpler. Still technically not lying. But whoever uses those things: their own fault.
