Encrypt all the things!

  • I believe this latter point is not (yet) true. Because we passed UK level laws to enact the GDPR legislation. That would need to be unwound. See https://ico.org.uk/for-organisations/dp-at-the-end-of-the-transition-period/data-protection-now-the-transition-period-has-ended/the-gdpr/

  • I'll keep my WhatsApp account, but I pressed "Not Now" and am currently in the process of manually deleting every chat, all media, and exiting all groups on WhatsApp and instigating the chats anew on Signal. WhatsApp will exist only so that those who try and reach me can do so... but I'll only actually chat on Signal.

    You're almost certainly on this, but don't forget to also deny whatsapp access to your contacts.

  • Would deleting my FB account help?

    I've only left it for friends in other countries, and TBH with kids etc. I think holding onto it for that reason is just wishful thinking.

  • Up till now tech companies have had to lobby the monolith that is the EU to effect legislative change.

    Now it's just going to be us on our jays.

  • What if you've used an EU phone number?

    Or, what if you used a UK phone number but you were using VPN through EU for chats?

    i.e. how do they work out you're UK and as such a second class citizen in privacy/GDPR terms?

    EU GDPR applies to EU citizens... but it's of course impossible to know whether someone using a service anywhere in the world is an EU citizen or not. So the reasonable implementation is simply traffic via EU datacenters... and the UK is no longer in the EU.

  • I believe this latter point is not (yet) true. Because we passed UK level laws to enact the GDPR legislation. That would need to be unwound.

    Yes and no.

    The UK laws have not been proven to have teeth, and certainly not with a govt and enforcer wanting to show it.

    For the one with teeth, the EU... the UK are now a 3rd country... so the protections there don't apply.

    Across the tech industry I see companies that care about privacy moving their data from the UK to EU proper... so I wouldn't today put a lot into the on paper protections we have in the UK, we may not possess the ability to enforce them.

  • . Edit

    @Velocio had a better response

  • Would deleting my FB account help?

    I mean yes... but then, deleting FB and having WhatsApp is still having a FB account.

    The key thing: If you have WhatsApp, you now have a FB account.

  • You're almost certainly on this, but don't forget to also deny whatsapp access to your contacts.

    Actually I'd forgotten that... will do that now.

  • My work phone uses WhatsApp for lots of work related comms.
    I don't really use that phone for any out of work stuff but should I be suggesting to the business they switch? Is there an easy way to explain this to them?

  • WhatsApp remains encrypted end-to-end... but that was never the threat.

    The threat is what happens at the ends... on the servers, and on the client. i.e. could WhatsApp access the messages on the server, would they use the client to read them?

    The servers aren't the ends though (in terms of end-to-end encryption), the clients are the ends. The servers *should* know nothing except metadata (which is still valuable) - they know Person A is sending a message to person B at time X but they don't know what the message is.

    We know they could access the messages on the server, as some of their search and sharing functionality reveals the capability, plus encryption requires keys and the fact that you could lose a phone and activate on a new phone shows that if things are encrypted then WhatsApp possessed the keys at their end... which should be freaking obvious to all, of course they hold the keys.

    Restoration of messages on a new phone doesn't require WhatsApp to know the keys. If people weren't just restoring from a cloud backup (encrypted or not) then Whatsapp was restoring messages behind the scenes. What it displays is a weakness in the security of the system as the messages were able to be restored by the new client sending new public keys (generated on the new device) to recent contacts and having them re-encrypt old messages (even the entire old chat history) with the new keys and resending them. If it was a group chat of 50 people you'd only need one person to be online to be able to re-request the entire group history as far back as that user has it. The problem with Whatsapp is that they could use exactly this functionality to read arbitrary messages to/from anyone, and the client only displays what it is told so it could easily be told not to inform the end user(s) that this is going on. End-to-end encryption (as in client-to-client) is preserved but the system allows new ends to be added silently.

    Like you say, preview of links is also an area where things could leak, there's no way to turn it off either which is annoying.

    The "Invite to Group via Link" functionality was fundamentally flawed too. If you only need a link to join a group then you've opened a really big door if that link is exposed or too weakly generated.

    But the basic problem with trusting Whatsapp is that you have to trust them. There's no guarantee that they've implemented the protocol(s) as they describe, and there's no guarantee that they've implemented it securely. There are a load of security problems with Whatsapp and I don't believe that they are all unintentional. Accidental vulnerabilities are just a convenient way to implement a backdoor.
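Added example, not part of the thread and not WhatsApp's code: a toy Python model of a sending client that pins each contact's identity key on first use. It shows how a blocking policy holds undelivered messages on a key change until the fingerprint is verified out of band, while a non-blocking policy releases them to the newly announced key. The class, method names and key bytes are hypothetical and constructed.

```python
import hashlib
from dataclasses import dataclass, field

def fingerprint(identity_key: bytes) -> str:
    """Short human-comparable digest of a contact's public identity key."""
    return hashlib.sha256(identity_key).hexdigest()[:16]

@dataclass
class Sender:
    """Hypothetical client model: pins each contact's key on first use."""
    block_on_key_change: bool
    pinned: dict = field(default_factory=dict)       # contact -> pinned fingerprint
    undelivered: dict = field(default_factory=dict)  # contact -> queued plaintexts
    alerts: list = field(default_factory=list)       # key-change events shown to the user

    def queue(self, contact, text):
        self.undelivered.setdefault(contact, []).append(text)

    def on_key_announcement(self, contact, identity_key):
        """Server announces a key for `contact`; return messages released to it."""
        fp = fingerprint(identity_key)
        known = self.pinned.get(contact)
        if known is None:
            self.pinned[contact] = fp   # trust on first use
        elif known != fp:
            self.alerts.append(f"{contact}: key changed {known} -> {fp}")
            if self.block_on_key_change:
                return []               # hold the queue until verify() succeeds
            self.pinned[contact] = fp   # non-blocking: re-pin without verification
        return self.undelivered.pop(contact, [])

    def verify(self, contact, identity_key, fingerprint_read_out_of_band):
        """User compares fingerprints over another channel before re-pinning."""
        if fingerprint(identity_key) != fingerprint_read_out_of_band:
            return []                   # mismatch: keep holding the queue
        self.pinned[contact] = fingerprint(identity_key)
        return self.undelivered.pop(contact, [])

def demo(block):
    # Constructed stand-ins for public keys; no real key material.
    old_key, new_key = b"constructed-key-device-1", b"constructed-key-device-2"
    s = Sender(block_on_key_change=block)
    s.on_key_announcement("bob", old_key)
    s.queue("bob", "meet at 6")
    released = s.on_key_announcement("bob", new_key)
    return released, len(s.alerts), s
```
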

  • Business should be choosing secure by default and private comms. There's no way that WhatsApp would now pass privacy audits, and as the business data will now be enriching advertising profiles there is a risk that things discussed in what was assumed to be a confidential space are no longer safe.

    Businesses shouldn't have been using a consumer tool anyway, but now WhatsApp and Facebook accounts are merging, business comms are now essentially on Facebook and the data is being processed in the US.

    The business should either be considering a business tool that grants them auditing tools, history, etc, i.e. Salesforce Slack, Google Meet, etc... or if they wish to continue using a consumer tool (as a backup to business tools?!) they should go for the non-profit and secure by default Signal which is already used by most government and security industry professionals.

    If they want to see what the security and engineering community think: https://hn.algolia.com/?dateRange=all&page=0&prefix=false&query=whatsapp&sort=byDate&type=story

    A few days ago the question was asked: If not WhatsApp, then what should I use: https://news.ycombinator.com/item?id=25669864

    Signal won, by a significant margin.

  • @velocio lovely stuff thanks

  • Thank you VB. Thank you greenbank. Thank you all.

  • There's more stuff about the Whatsapp backups on HN recently (in a thread about a Telegram backdoor).

    It confirms that if you enable the cloud backup then the Whatsapp client uploads them to Google Drive encrypted with a key derived from your phone number. That's how you're able to restore messages on a new phone without needing anything else, but only if you have cloud backup enabled.

    Whatsapp's servers don't have the unencrypted messages, but they do have everything they need to get it if you have cloud backups enabled.

    (I wouldn't enable cloud backup of my whatsapp messages based on that. Whatsapp will have written the key derivation function and so they could retrieve and decrypt any of the backups. Most likely this is so they can give access to Government agencies who probably already have access to arbitrary Google Drive data stores at will. They just need the key derivation function details from Whatsapp.)
    Personally I just rely on periodic local backups of my phone (which will back up all of the data) and knowing that I may lose the few days' data since my most recent backup. I wouldn't touch the cloud backup with someone else's stick.

  • Facebook, in theory, doesn't have my phone number (don't use the phone apps and have never given my number to Facebook).

    Would this stop the ability to link the two accounts or is it done through other ways?

  • I just sent a message to the few people on whatsapp saying "ciao for now", killed everything, deleted my account and uninstalled. #deletefacebook

  • Still on Grndr, right?

  • This is a really interesting conversation, but for the average user (like myself), what's the real world solution? WhatsApp has a critical user mass and whilst I like the idea of moving to Signal, realistically my friends and family simply won't (that's even before you start talking about manual backups etc).

    I'm not sure there's a lot that can be done, right?

  • Facebook, in theory, doesn't have my phone number (don't use the phone apps and have never given my number to Facebook).

    Would this stop the ability to link the two accounts or is it done through other ways?

    The vast majority is done via your mobile phone apps installing the Facebook SDK for Facebook login integration. Even if you don't have a Facebook account or have logged in using one... the SDK pings info on every app startup, and some apps choose to integrate deeper.

    Things that can build an advertising profile:

    • Mobile app ping your identity and/or IP address (correlate on IP address and device fingerprint - maybe associated to an actual email)
    • Email addresses being used the same across multiple apps (correlate on email)
    • Phone numbers
    • Your contact list (i.e. in WhatsApp... the map of connections is a form of identity)

    Everyone has a Facebook advertising profile... all you can meaningfully do is minimise how enriched it becomes, and if you're very successful you may prevent them from correlating too much together (in which case you have lots of sparse profiles).

  • Prob won’t work for everyone, but what I’ve (always) done is refuse to use WhatsApp, and just email/sms/iMessage/telephone as needed instead. WhatsApp isn't the only way to communicate. Then keep telling people to use Signal.

  • I'm not sure there's a lot that can be done, right?

    I'm not sure I'll ever achieve 100% off of WhatsApp, but then again... do I need to?

    I think it's best just to minimise WhatsApp usage, and the relationships and conversations I really care about I have moved to Signal very easily... these are the conversations where people want privacy and security.

  • I'm having issues with ExpressVPN... anyone else? Spinning circle. Redownloaded it, still spinning circle.

Posted by @Velocio