Hacker News new | ask | show | jobs
by rhaway84773 1017 days ago
Not only is it not true, it’s very likely they’re already doing it.

For example, WhatsApp sells itself as fully encrypted, etc. but if you’re in a group chat thars not true anymore. That information is available to WhatsApp and they almost certainly make it available to several governments (hopefully in a judicially protected way but we can’t know that).

Further, if you backup your WhatsApp chats, that’s game over for any privacy.

The UK legislation is stupid because the UK has been run by a bunch of stupid people for at least the past decade.

Nothing about this legislation is dumber than Brexit, for example, which was a referendum that was proposed to the public in such a ridiculous manner that the next half decade was spent in divining what the referendum actually meant.
1 comments
FabHK 1017 days ago
> For example, WhatsApp sells itself as fully encrypted, etc. but if you’re in a group chat thars not true anymore. That information is available to WhatsApp and they almost certainly make it available to several governments (hopefully in a judicially protected way but we can’t know that).

Source? It could well be that the sender e2ee it to each of the recipients, no? (Trivial to add the government or WhatsApp itself to the recipients, then, but that is a different claim.)

link
bostik 1017 days ago
OP reads like something I have played devil's advocate for. In an earlier discussion about WA vulnerabilities, one of the reported bugs was that as implemented, Facebook could have added themselves silently to any group chat, thus receiving with plaintext copies of all messages sent in the group from that point onwards. I then extrapolated that if they so chose, they could change their plumbing enough to make all chats group chats - even when they were between two people.

To be absolutely clear, there was not - neither back then, nor since - evidence of this being the case. But the technical capability and potential for such subversion was there at the time. I have not followed the domain news enough to know whether this is still the case.

What is available to WA and thus to governments, is the traffic pattern part. Who communicates with whom, when, how large the messages approximately are, and so on. The stuff our industry and journalists at large have chosen to call metadata[tm].

I stubbornly call the whole thing for what it is: traffic analysis. Old-school style.

link