Privacy

31987 readers

492 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

106

Can the government decrypt your WhatsApp chats? (lemmy.ml)

submitted 1 year ago by [email protected] to c/[email protected]

80 comments fedilink hide all child comments

For open source messengers, you can check whether they actually encrypt your messages and whether the server has access to your encryption keys but what about WhatsApp? Since it's not open source, you can't be sure that the encryption keys aren't sent to the server, right? Has there been a case where a government was able to access WhatsApp chats without reading them from the phone itself?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 6 points 1 year ago (7 children)

yowsup is an Open Source implementation of the WhatsApp protocol. So there is proper end-to-end encryption on the protocol level - that would only leave the possibility of having a backdoor in the "official" WhatsApp client, but none has been found so far. BTW, people do actually (try to) decompile the WhatsApp client (or the WhatsApp Web client which implements the same protocol and functionality) and look what it is doing.

For anyone really curious, it's not too difficult to hook into the WhatsApp Web client with your web browsers Javascript debugger and see what messages are sent.

[–] [email protected] 2 points 1 year ago (3 children)

That repo was updated two years ago, everything could have happened within that time.

[–] [email protected] 1 points 1 year ago (1 children)

It still works (with a few minor updates).

[–] [email protected] 2 points 1 year ago (1 children)

I wouldn't recommended using old software if you care about security

[–] [email protected] 1 points 1 year ago

Maybe so, but in this case the point was that the protocol used by WhatsApp hasn't changed in that time and it's still what they describe in their security whitepaper. If you want to use that software as is or maybe reimplement it based on that is up to you.

load more comments (1 replies)

load more comments (4 replies)