• Kir@feddit.it
    link
    fedilink
    arrow-up
    14
    arrow-down
    1
    ·
    9 months ago

    Would this mean I could finally ditch what’s app and use only Signal?

        • anlumo@feddit.de
          link
          fedilink
          arrow-up
          39
          ·
          9 months ago

          Yeah, this worked so well for XMPP when everybody federated with Gmail chat.

        • muhyb
          link
          fedilink
          arrow-up
          34
          ·
          9 months ago

          It’s not. There is no privacy if you send your message to Whatsapp servers.

          • Avid Amoeba@lemmy.ca
            link
            fedilink
            arrow-up
            26
            ·
            9 months ago

            There’s even less privacy if I have to have the WhatsApp app installed on my phone to send that message.

          • InfiniWheel@lemmy.one
            link
            fedilink
            arrow-up
            13
            ·
            9 months ago

            You have the big plus of not having the WhatsApp app installed and snooping around with all those permissions it has.

          • n2burns@lemmy.ca
            link
            fedilink
            arrow-up
            4
            ·
            9 months ago

            Would it not be E2EE? Isn’t that one of the reasons for using the Signal protocol?

            • muhyb
              link
              fedilink
              arrow-up
              11
              ·
              9 months ago

              Yes, the “delivering” part would be E2EE. Do we really know the afterwards if they can read their users’ messages? They probably can.

              • falsemirror@beehaw.org
                link
                fedilink
                arrow-up
                11
                ·
                9 months ago

                Whatsapp CANNOT read messages when e2ee is enabled, this client-side snooping was discussed when the protocol was first implemented. Whatsapp collects a ton of metadata and social graph info, but not message content.

                • blackstrat@lemmy.fwgx.uk
                  link
                  fedilink
                  arrow-up
                  4
                  ·
                  9 months ago

                  Well you type messages in in plain text and they decrypt it to show you the messages at the other end. So they can do the nefarious processing on the client side and send back results to the mother ship. E2EE is only good when you trust the two ends, but with WhatsApp and Messenger you shouldn’t trust the ends.

                  • sunbeam60@lemmy.one
                    link
                    fedilink
                    arrow-up
                    1
                    ·
                    9 months ago

                    At the end of the day, you’ve got to trust someone. I’m 200% convinced meta mines the social graph, of course they do, and provide access to law enforcement with a pro forma request. But I’m also 199% sure they don’t actually read your messages once unencrypted, reencrypts them and sends them as hidden payloads or does something else with it. The damage, should it be discovered, would be untold.

                    And while I don’t trust Meta on a lot of things, I know enough people there to realise that if they did that it would leak.

              • n2burns@lemmy.ca
                link
                fedilink
                arrow-up
                5
                ·
                9 months ago

                Sure, but any messaging app (including Signal) could have these backdoors in place. Heck, there’s even vectors for unrelated apps on your phone to read this data once unencrypted.

                • muhyb
                  link
                  fedilink
                  arrow-up
                  2
                  ·
                  9 months ago

                  That’s actually true. We don’t know the real-time server code of Signal. Though other apps cannot read what’s written inside Signal, that’s the good part. I prefer private server + Matrix but Signal is the easiest for regular people.

            • authorinthedark@lemmy.sdf.org
              link
              fedilink
              English
              arrow-up
              3
              ·
              9 months ago

              if i remember correctly, it would be E2EE (WhatsApp and Messenger are too) but Meta stores the encrypted message on their server

          • ViciousTurducken@lemmy.one
            link
            fedilink
            arrow-up
            10
            ·
            edit-2
            9 months ago

            Them being nonprofit has nothing to do with the pursuit of marketshare. Plenty of nonprofits want to maximize marketshare. Them being nonprofit means they are mission-driven.

            And what is that mission?

            Per the Signal Foundation’s website:

            Protect free expression and enable secure global communication through open source privacy technology.

    • spdrmx@beehaw.org
      link
      fedilink
      arrow-up
      13
      ·
      9 months ago

      Not if signal doesn’t want to support WhatsApp, and I don’t think they’re going to unfortunately :(