this post was submitted on 09 Oct 2023
102 points (97.2% liked)

Privacy

31934 readers
606 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

For open source messengers, you can check whether they actually encrypt your messages and whether the server has access to your encryption keys but what about WhatsApp? Since it's not open source, you can't be sure that the encryption keys aren't sent to the server, right? Has there been a case where a government was able to access WhatsApp chats without reading them from the phone itself?

you are viewing a single comment's thread
view the rest of the comments
[–] lung@lemmy.world 28 points 1 year ago (2 children)

You bet your ass they can. Since when has Facebook taken anybody's privacy seriously? And you remember all the Snowden leaks? Like how AT&T has been a government apparatus for spying for decades? Or how about the way that the USA taps under sea cables to monitor data, causing China to build totally parallel backbone infrastructure

The better question is whether Signal, despite being open source, is actually secure. It's very plausible that the govt has backdoors somewhere, for either encryption, the OS, the programming language, the app store, or some random dependency lib

The answer is yes, the US government spies on everything, and has a complete profile of everyone

[–] possiblylinux127@lemmy.zip 6 points 1 year ago (1 children)

Signal hasn't been compromised. It has been reviewed and is continuing to be reviewed by tons of researchers and security personnel.

Its also important to note that its used internally by goverment organizations in the US so it has to be at least reasonably secure.

Don't believe propaganda you read online.

[–] lung@lemmy.world 1 points 1 year ago (1 children)

Well, in my comment I describe quite a number of methods. It doesn't matter how secure or reviewed signal is, if the feds have a keylogger at the OS or compiler level. It's really unbelievable how much code is involved in day to day security

[–] Fisch@lemmy.ml 2 points 1 year ago (1 children)

The keylogger and operating system (if you're using Android) is open source as well. They can't just put a keylogger in there.

[–] lung@lemmy.world 0 points 1 year ago

Nah, the OS has proprietary overlays that vendors put in there. And it's not like you're reviewing and compiling your own software - you're dependent on your provider to be honest with the software they actually installed. But factually you have no idea if the android phone you purchased has been modified. And Android itself is so huge that backdoors can be sneaky. We have already caught several instances of attempted backdoors in Linux - but there's always the fear we didn't find them all

If this all sounds way too paranoid, then review Snowden leaks

[–] Gush@lemmy.ml 5 points 1 year ago (1 children)
[–] lung@lemmy.world 3 points 1 year ago

Well you gotta be careful if it's your only donkey but I'm still confident you'll end up winning a second ass