Hacker News new | ask | show | jobs
by NayamAmarshe 656 days ago
> which makes it an inferior choice compared to even whatsapp

I'd rather have a good privacy policy with a good enough server-side encryption than some closed-source implementation of E2EE, that we can never audit.

WhatsApp actually disallows you from reverse-engineering the app and looking into the algorithm. That begs the question, what percentage of E2EE is it really? 20%? 50%? 100%? Because there's still no way to confirm their claims of E2EE. All we have is a company with a really good track record in lying publicly, telling you that it's safe.

Looking at WhatsApp's privacy policy, I really wonder why people even support it compared to Telegram: https://privacyspy.org/product/whatsapp/

https://privacyspy.org/product/telegram/
1 comments
mpeg 656 days ago
This is no longer true, whatsapp have taken steps [0] to make their e2ee auditable and honestly I disagree with the idea that no e2ee is better than closed source e2ee. I'm not sure why you would trust a privacy policy more than you would trust encryption, with a court order Telegram would provide your chats to law enforcement, while Whatsapp would not be able to.

[0]: https://engineering.fb.com/2023/04/13/security/whatsapp-key-...

link
NayamAmarshe 656 days ago
> to make their e2ee auditable

This is not the algorithm being audited, it's the key. Telegram's complete algorithm is auditable, including the open source client apps. Server code is always unverifiable, so let's not bring that up.

Secondly, WhatsApp channels and large groups (copied from Telegram) are not encrypted in any way (cmiw), as opposed to Telegram's MTProto 2.0 Cloud encryption. The app is completely closed-source even with all their claims of privacy and its TnC even discourages you from reverse-engineering it.

link
p2detar 656 days ago
WhatsApp Communities are indeed E2E encrypted. About channels, why would you want a channel to be encrypted when you are just a follower and cannot communicate back? In fact WhatsApp's guidelines explicitly state the following:

> Channel updates should be used to share information with followers and viewers, not as a way for admins to communicate back and forth.

https://faq.whatsapp.com/671443411431514/

link