-
link preview... if we chatted and I shared a link to a product in that chat, the link typically showed a summary of the web page in question... the client made a web request using the WebView component, thus placing a cookie and leaking some details. If you ever then opened Instagram and got a highly relevant advert and wondered how that could be because you'd only mentioned it once in a private chat in the "encrypted" WhatsApp... well, now you know.
So even if I don't click on the link in a WA chat, the link preview is placing a cookie on my device? Is that correct?
-
Yes. Your client will use the web view within the app to visit the site and read the metadata to render the preview. This is super in Facebook's interest as when that happens any tracking on the remote website (and e-commerce will have a lot) can now identify you. Once you open another app, i.e. Instagram, Facebook can then check in their servers to correlate the tracking identifiers and show you an advert, etc., relevant to the link previews in the private conversations.
Link previews are a bad idea.
What I do on here for embeds is just rewrite the URL rather than visit it, and then embed only an SSL version of a remote page choosing a nocookie version if one is available (YouTube)... Precisely to prevent too much leaking of who you are. I also break some policies, i.e. eBay affiliates are supposed to have a tracking cookie set but nope... I won't do that stuff.
I like Signal for giving you a choice on link previews but defaulting to off.
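The embed handling described in the reply above (rewrite the URL instead of visiting it, HTTPS only, a nocookie variant where one exists), as an added example that is not part of the thread and not the site's own code. The function names and the sample links used to exercise it are assumptions.

```javascript
// Added example: turn a pasted link into an embed target without fetching it.
// rewriteEmbed and youtubeId are hypothetical names, not the forum's code.

// YouTube video ids are 11 characters from this alphabet.
const YT_ID = /^[A-Za-z0-9_-]{11}$/;

// Return the video id for a recognised YouTube URL, or null otherwise.
function youtubeId(url) {
  const host = url.hostname.toLowerCase().replace(/^(www\.|m\.)/, "");
  let id = null;
  if (host === "youtu.be") {
    id = url.pathname.slice(1).split("/")[0];
  } else if (host === "youtube.com" || host === "youtube-nocookie.com") {
    if (url.pathname === "/watch") id = url.searchParams.get("v");
    else if (url.pathname.startsWith("/embed/")) id = url.pathname.split("/")[2];
  }
  return id && YT_ID.test(id) ? id : null;
}

// Pure string work: no request is made while rendering the post, so the
// remote site cannot set a cookie or log the reader's address at that point.
function rewriteEmbed(raw) {
  let url;
  try {
    url = new URL(raw.trim());
  } catch {
    return null; // not a URL: leave it as plain text
  }
  // Refuse javascript:, data:, file: and anything else that is not web.
  if (url.protocol !== "http:" && url.protocol !== "https:") return null;
  url.protocol = "https:"; // only ever embed over TLS
  url.username = "";       // drop credentials embedded in the link
  url.password = "";
  const id = youtubeId(url);
  if (id) {
    // Rebuild from the id alone, which discards every tracking parameter.
    return { kind: "video", src: `https://www.youtube-nocookie.com/embed/${id}` };
  }
  return { kind: "link", src: url.href };
}
```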
WhatsApp remains encrypted end-to-end... but that was never the threat.
The threat is what happens at the ends... on the servers, and on the client. i.e. could WhatsApp access the messages on the server, would they use the client to read them?
We know they could access the messages on the server, as some of their search and sharing functionality reveals the capability, plus encryption requires keys and the fact that you could lose a phone and activate on a new phone shows that if things are encrypted then WhatsApp possessed the keys at their end... which should be freaking obvious to all, of course they hold the keys.
When it comes to encryption, who holds the keys is a question of security vs convenience, and WhatsApp (when owned by Facebook) showed that they now prioritised convenience over security.
What of the client, the other end? Well... the client has the messages decrypted, it must simply by virtue of being able to show them to you in a way that you could read. And did it use this in a way that profited them? Well yes! The most common form was the link preview... if we chatted and I shared a link to a product in that chat, the link typically showed a summary of the web page in question... the client made a web request using the WebView component, thus placing a cookie and leaking some details. If you ever then opened Instagram and got a highly relevant advert and wondered how that could be because you'd only mentioned it once in a private chat in the "encrypted" WhatsApp... well, now you know.
So WhatsApp under Facebook ownership kept end-to-end encryption (govts and 3rd parties couldn't intercept on the wire) but used their ownership of both ends for their profit.
Now Facebook have come clean... they're going to fully link WhatsApp and Facebook accounts, meaning the full advertising force is coming your way. And they've already shown you how... by using the fact that they have access to the unencrypted messages at both ends.
This was always obvious despite their many denials that they would. And those who sought refuge in the "but it's end-to-end encrypted" failed to understand what that implied... it's encrypted end-to-end, meaning everywhere but the end - all the stuff in between. But the ends... the server and the client... can both access messages unencrypted.
My view is simple: For all your private communications with anyone that you care about, you should use Signal https://signal.org.
Signal has drawbacks, but that's because when the question comes up of security vs convenience they choose security every time. What does this mean? Well if you lose your phone and buy a new phone, you can activate the same Signal account because you own the phone number, but you cannot access old messages because Signal didn't have ownership of the encryption key, this was on your old phone and if you didn't make a backup of the chat then nothing could restore it.
Signal is basically perfect from a security perspective, but not so great on the convenience and usability perspective (because security was prioritised)... so what it comes down to:
I'll keep my WhatsApp account, but I pressed "Not Now" and am currently in the process of manually deleting every chat, all media, and exiting all groups on WhatsApp and instigating the chats anew on Signal. WhatsApp will exist only so that those who try and reach me can do so... but I'll only actually chat on Signal.