Facebook takes part in the US government's mass surveillance operations, granting wide, possibly complete, access to users' communications. This was revealed by whistle-blower Edward Snowden and the documents he had released. Facebook's interaction with the NSA or other government agencies is kept secret, and will not be admitted, so when Facebook tells you your communications via its applications and services are secure, that is certainly not wholly the case, and quite possibly not at all the case.
Additionally, Facebook uses your communications for its own business interests, e.g. to manipulate you into paying for services or products whose providers pay Facebook, or for other kinds of social engineering. It stands to reason that this includes the information Facebook gathers about you from your WhatsApp conversations.
There are other messaging applications with multi-device capabilities - better or worse - and we should strive to use those with open source code, well-established algorithms, and transparent, robust and trustworthy governance as projects.
----
So - please do not use WhatsApp and try to get your friends and family to switch to alternative applications. Signal and Telegram seem to be the popular alternatives, even if they each have their own shortcomings and flaws.
Yes, but if we are giving recommendations to users, and are explicitly wanting to take into account mass surveillance like this entire thread of conversation is about, e2e is pretty much a requirement nowadays, and we should be suspicious of any service that doesn't implement it.
Agreed. I'm confused as to why Telegram doesn't implement e2e by default. It seems to be the number 1 criticism of people who would otherwise most likely sign up.
Post-Snowden, the question around encryption seems to have shifted from "why are you doing it?" to "why aren't you doing it?".
It just seems like an odd feature not to have unless you have a strong reason for not wanting it.
Is it a technical hurdle?
Exfiltration via side channel exists. For instance, Facebook will upload your conversations when you report abuse/block a contact, and this is behaviour they decided to publicise, who knows what else they collect.
quite right
and this is HN. and one may well wonder in how far FB does NOT seriously interfer with discussions here [and elsewhere, ofc too, for that matter]
Are you implying that Facebook moderates discussions here? I believe @dang is employed directly by YCombinator and is independent of any other tech company.
As for commenting, I can’t speak for other Facebook employees but I made it a point to never comment on Facebook related discussions while I was still employed there. Frankly I didn’t see the point. Most threads would get so vitriolic and emotional that there wasn’t any space to have a discussion. There would be people spouting conspiracy theories like “Facebook controls discussions on HN”. No real point in engaging in such discussions, I figured.
Comments that tend to be critical of Facebook tend to get downvotes, at least early on in the discussion; it's hard not to suspect something may be going on
From the guidelines link at the bottom of the page:
"Please don't post insinuations about astroturfing, shilling, brigading, foreign agents and the like. It degrades discussion and is usually mistaken. If you're worried about abuse, email hn@ycombinator.com and we'll look at the data."
Facebook takes part in the US government's mass surveillance operations, granting wide, possibly complete, access to users' communications. This was revealed by whistle-blower Edward Snowden and the documents he had released. Facebook's interaction with the NSA or other government agencies is kept secret, and will not be admitted, so when Facebook tells you your communications via its applications and services are secure, that is certainly not wholly the case, and quite possibly not at all the case.
Additionally, Facebook uses your communications for its own business interests, e.g. to manipulate you into paying for services or products whose providers pay Facebook, or for other kinds of social engineering. It stands to reason that this includes the information Facebook gathers about you from your WhatsApp conversations.
There are other messaging applications with multi-device capabilities - better or worse - and we should strive to use those with open source code, well-established algorithms, and transparent, robust and trustworthy governance as projects.
----
So - please do not use WhatsApp and try to get your friends and family to switch to alternative applications. Signal and Telegram seem to be the popular alternatives, even if they each have their own shortcomings and flaws.