this post was submitted on 03 Aug 2023
38 points (100.0% liked)

Privacy

31833 readers
161 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Does user privacy when using WhatsApp Web (https://web.whatsapp.com) differ substantially from using WhatsApp on Android? WhatsApp on Android has end-to-end encryption and (optional) encrypted backups. If I use WhatsApp Web, will Meta be able to see the contents of my WhatsApp messages?

all 8 comments
sorted by: hot top controversial new old
[–] jet@hackertalks.com 20 points 1 year ago* (last edited 1 year ago) (1 children)

WhatsApp is closed source. Meta can always see your messages. It might be end-to-end encrypted and they might make a copy for meta. And that would still satisfy the end-to-end promise. You can't trust closed source for end-to-end encryption.

[–] itchy_lizard@feddit.it 2 points 1 year ago (1 children)

You literally missed the definition of end-to-end encryption.

If Meta can see the messages, then that's not e2ee

[–] jet@hackertalks.com 4 points 1 year ago* (last edited 1 year ago)

I'm trying to illustrate that corporations will use weasel language entirely to their advantage.

I have to fight spammers and scammers, I need to be able to inspect message contents. But customers also went into an encryption. So I offer them end to end encryption but I also make a copy for myself. So it's closed source and in public I can just say hey you've got end to end encryption. And be truthful about it, but I also have an administrative side channel where I get a copy of the message.

Or it might be end-to-end encrypted but a copy of the key is preserved for administrative purposes that WhatsApp controls. We just don't know

Weasel language is something we have to defend against, and the only real defense is open source, so we can't trust WhatsApp to protect your end-to-end privacy

[–] Huschke@programming.dev 13 points 1 year ago (1 children)

As others have said both options are inferior to Signal because you can't verify the privacy claims Meta makes.

However I'd argue that WhatsApp Web is slightly better, because it being a web app means Meta can collect less data about you compared to a phone app.

[–] jdgordon@aussie.zone 4 points 1 year ago (1 children)

Meta still controls all the code running in the web app. They may be scraping your messages just like they have the option on Android.

It can still be end to end encrypted with them sending themselves a copy from the unencrypted text boxes you see

[–] lemmyng@beehaw.org 3 points 1 year ago

He refers to the fact that the web app does not have default access to your device sensors, microphone, storage, etc.

[–] LollerCorleone@kbin.social -2 points 1 year ago

If I use WhatsApp Web, will Meta be able to see the contents of my WhatsApp messages?

Just as much as they would be able to see the contents of your messages when you use the app. The answer to this question depends on how much you trust Meta to stick to their claims. As others have already said here, use Signal if you are looking for a private messenger.