pull down to refresh

Ah, damn, reconsidered my territory choice and wanted to switch to ~privacy but it's more expensive to post there
/cc @davidw fyi lol

WhatsApp has end-to-end encryption, promising privacy to users.
However, it becomes useless if backups to Google Drive are unencrypted. Our supposedly private data goes to the control of Google.
No problem, I can disable the backup. But, what about all the people I talk to? Google still holds most of my conversations, unencrypted.
This seems to be a useless/tricking/lying design, done in purpose to ensure they keep control of the users. (and keep in mind that Whatsapp reminds me MANY times to enable the Backup)
I understand that as soon as I send a message to another person, they can take screenshots, show to other people, etc. I understand that risk. However, not encrypting backups just makes it way easier for the messages to be even more exposed.
Question is - I'm sure WhatsApp could encrypt backups to Google if they wanted (e.g. require a passphrase to users, or at least have that option and recommend users to use it). Why does WhatsApp not do that?

I did not verify if this is still the case (or ever was indeed the case) but back when I still used WhatsApp, I think I once saw the "information" (should have been a warning!) that the backups (that were enabled by default iirc) are not encrypted by default -- but I can set a password to enable encryption.
I can see how WhatsApp (or did Facebook already own WA at that point?) thought it's easier to roll out backups without encryption.
But don't call your app E2EE then. That's essentially a backdoor. Rolling out unencrypted backups and still pretending that your app is E2EE is a huge red flag.
164 sats \ 0 replies \ @gd 9 Jan
WhatsApp has a back door for any western government who wants one. Assuming a non-zero level of security from Meta products is a mistake IMO.
reply
100 sats \ 1 reply \ @anon 9 Jan
Maybe a dumb question, why do people even want to backup their chats to the cloud? imho I think people just emotionally default to and get obsessed about backing up everything and never losing anything. But do you really need your texts backed up to the cloud? Are you ever really going to your cloud backups and reading them? Encryption and privacy totally aside, this seems silly to me. If you have data or info you need to save you absolutely should be putting it somewhere else besides a messaging app. If I need a secure backup I'm usually putting it in Bitwarden(encrypted and open source).
That being said I try to avoid WhatsApp in favor of Signal regardless. However when you have mixed iphone and android friend or family groups, especially in different countries, you often have to default to WhatsApp. Its just the most common messaging app by far. And because lots of people I know think Signal is only for drug dealers and criminals (the same mindset they apply to bitcoin interestingly enough).
reply
why do people even want to backup their chats to the cloud? imho I think people just emotionally default to and get obsessed about backing up everything and never losing anything
That's just like you man. Don't project yourself onto others. Other people are actually - believe it or not - other people.
And to other people their chats are actually very emotionally important.🤓
reply
100 sats \ 1 reply \ @davidw 9 Jan
Great spot. Pretty normal practice these days for these tech conglomerates.
~privacy reduced to 1 sat for one hour only... 🤣
reply
100 sats \ 0 replies \ @ek OP 9 Jan
~privacy reduced to 1 sat for one hour only... 🤣
Done! The next link I have is also related to both (~privacy and ~security) but that one makes more sense for ~security, I think
reply
if you care about privacy, why on earth are you using facebook products?
reply
deleted by author
reply
Because Zuck?!
reply
Because Zuck Sucks!
reply
reply
10 sats \ 0 replies \ @ek OP 9 Jan
NIP-04 is very bad but we're rolling out NIP-44.
reply
It is not encrypted by default, but it's possible.
I actually did it an hour ago.
reply
0 sats \ 1 reply \ @ek OP 10 Jan
Defaults matter though. It's undermining E2EE.
reply
Absolutely!
reply
Because whatsapp don't want to share his information to google... 😂😂👍
reply