[ControlsGeek]

I just came across this article on the Guardian about a flaw in Whatsapp that allows FB to snoop on your conversations without your knowing. They can change the encryption keys without notifying you. The Signal protocol is not at fault but the implementation is flawed.

https://www.theguardian.com/technolo...ypted-messages

[Soulstream]

Counter argument: There's No Security Backdoor in WhatsApp, Despite Reports

Reading both the original article and the counterargument, I don't believe this is a backdoor at all.

[Dunt Dunt Dunt]

And the mailman could steam open your letters....
A telephone switchboard operator could listen in on your conversations....
A person I talked to can tell ten others what I tell them, and by the end of the day 1,000 people might know.....

I guess I've just never expect communications to be 100% private.

[JuiciPatties]

Sadly, the general population doesn't seem to care too much about security. If they did, I'm sure BlackBerry would be selling like hotcakes. Instead, folks are more interested in the fun and social apps and aren't overly concerned about the snooping of conversations and ability to glean data from their phone. Part of this is due to the lack of awareness of what opening permissions allows for and what they can and actually do with those permissions. If you look back at the CBC Marketplace news piece that was posted on this site and how the news team created a "fake app" with the same permissions as some of the other "famous social apps", they were able to take photos without the user knowing, they could read all of their text messages, can see all their contacts, etc. It is very scary once you show what can be done. Most assume that the developers are ethical, but I'm sure there are some that are not and are taking your data and selling it.

I think it is long understood that Google and Facebook mine data and make good money in doing so. So is it a surprise? Not really. Will the market come down hard on them? I don't think so.

It is not until someone proves something (e.g. evidence that Facebook sold their data to a third party -- and assuming this is not in the Terms and Conditions that you may have agreed to and never read), this will likely continue to happen. Access to data is powerful and Google, Apple and Facebook have tremendous power as they have access to so much data.

[Soulstream]

Sadly, the general population doesn't seem to care too much about security. If they did, I'm sure BlackBerry would be selling like hotcakes. Instead, folks are more interested in the fun and social apps and aren't overly concerned about the snooping of conversations and ability to glean data from their phone. Part of this is due to the lack of awareness of what opening permissions allows for and what they can and actually do with those permissions. If you look back at the CBC Marketplace news piece that was posted on this site and how the news team created a "fake app" with the same permissions as some of the other "famous social apps", they were able to take photos without the user knowing, they could read all of their text messages, can see all their contacts, etc. It is very scary once you show what can be done. Most assume that the developers are ethical, but I'm sure there are some that are not and are taking your data and selling it.

I think it is long understood that Google and Facebook mine data and make good money in doing so. So is it a surprise? Not really. Will the market come down hard on them? I don't think so.

It is not until someone proves something (e.g. evidence that Facebook sold their data to a third party -- and assuming this is not in the Terms and Conditions that you may have agreed to and never read), this will likely continue to happen. Access to data is powerful and Google, Apple and Facebook have tremendous power as they have access to so much data.

1. network security vulnerabilities have NOTHING to do with the OS being used. BB10 does not and cannot make your internet traffic any more secure.
2. app permissions are again something that the OS can do very little to protect you from. How does BB10 prevent you from downloading a "fake app" and give it permission to read your SMS. iOS/Android/BB10 have basically a similar granular app permission model.

[Dunt Dunt Dunt]

1. network security vulnerabilities have NOTHING to do with the OS being used. BB10 does not and cannot make your internet traffic any more secure.
2. app permissions are again something that the OS can do very little to protect you from. How does BB10 prevent you from downloading a "fake app" and give it permission to read your SMS. iOS/Android/BB10 have basically a similar granular app permission model.

Too many here just don't understand... BlackBerry doesn't really mean 100% secure. It takes a very smart user or IT person to lock the phone down and make it secure.... but then that means you can't have much "fun" with it.

Yes it's "bad" that WhatsApp has this "flaw". Still much better than basic BBM and it's single key.

[Thud Hardsmack]

Counter argument: There's No Security Backdoor in WhatsApp, Despite Reports

Reading both the original article and the counterargument, I don't believe this is a backdoor at all.

I'm not seeing a rebuttal to the statement that WhatsApp changed the Signal protocol.

The backdoor is not inherent to the Signal protocol. Open Whisper Systems’ messaging app, Signal, the app used and recommended by whistleblower Edward Snowden, does not suffer from the same vulnerability. If a recipient changes the security key while offline, for instance, a sent message will fail to be delivered and the sender will be notified of the change in security keys without automatically resending the message.

- Guardian article

[TheAuthority]

Oh, yea facebook's whatsapp is so great ... If you want privacy and security pay for BBM. At least BlackBerry has integrity when it comes to privacy and security. Facebook? Of course it's the worst when it comes to either.

[bobshine]

Hmmm am I missing something? When the encryption key changes, I gets a notice on Whatsapp that it was changed, so I know that there's a risk that my message was intercepted.

It's not perfect but again you gotta strike that balance between usability and security. If a message cannot be re-encrypted, then we would be complaining about something else here.

[Tsepz_GP]

1. network security vulnerabilities have NOTHING to do with the OS being used. BB10 does not and cannot make your internet traffic any more secure.
2. app permissions are again something that the OS can do very little to protect you from. How does BB10 prevent you from downloading a "fake app" and give it permission to read your SMS. iOS/Android/BB10 have basically a similar granular app permission model.

There is too much logic here for the Tin Foil hats to handle!

Too many here just don't understand... BlackBerry doesn't really mean 100% secure. It takes a very smart user or IT person to lock the phone down and make it secure.... but then that means you can't have much "fun" with it.

Yes it's "bad" that WhatsApp has this "flaw". Still much better than basic BBM and it's single key.

And here, stop it with your logic!


In all honesty though, it is hilarious how people think they own something that is 100% secure.

What is even more hilarious is people talking about Facebook and Google mining data, when almost every tech company from Microsoft, Apple, Sony etc... do it to.

Data Mining has been a thing since before Google and Facebook were around, they have in particular made great business out of it though.

So much LOL!

[anon(9607753)]

There is too much logic here for the Tin Foil hats to handle!

And here, stop it with your logic!


In all honesty though, it is hilarious how people think they own something that is 100% secure.

What is even more hilarious is people talking about Facebook and Google mining data, when almost every tech company from Microsoft, Apple, Sony etc... do it to.

Data Mining has been a thing since before Google and Facebook were around, they have in particular made great business out of it though.

So much LOL!

Who are these imaginary users you are talking about? I guess they all left for other forums. What I saw was a single comment from a single user that inspired a posse of know-it-all bozos shows up and bash his post to death. Nice discussion!

[z10Jobe]

Who are these imaginary users you are talking about? I guess they all left for other forums. What I saw was a single comment from a single user that inspired a posse of know-it-all bozos shows up and bash his post to death. Nice discussion!

Welcome to Crackberry!

My name is z10jobe and I will be your Basher tonight....kidding...

Good post Mr. Kputock.

Via Q5

Posted via CB10

[JuiciPatties]

1. network security vulnerabilities have NOTHING to do with the OS being used. BB10 does not and cannot make your internet traffic any more secure.
2. app permissions are again something that the OS can do very little to protect you from. How does BB10 prevent you from downloading a "fake app" and give it permission to read your SMS. iOS/Android/BB10 have basically a similar granular app permission model.

Just to be clear ... I wasn't saying that the OS would compensate for a user's decision to allow those permissions. It is clearly discussed in the other post on CBC that those same issues would be present on BB10 as well if the user permitted it. Nothing in my post was saying anything about the OS. My reference to BlackBerry was just in terms of what the "marketing" or differentiator that has always been communicated is that it is security.

We can't compare an app (WhatsApp in this case) to an OS. That doesn't make any sense. That same app exists on BB10 and I'm sure has the same issues as what is being discussed. It has nothing to do with the OS.

The whole point I was making is that no one is going to care if WhatsApp has a backdoor. That majority of folks will continue to use it and be content in doing so. It is not until someone demonstrates that something happens like in the CBC marketplace piece, where you may get more of a reaction. However, what I do feel is the case that if that app was a BlackBerry developed app (like BBM), it would be a much bigger story and everyone (mostly outside of this forum.. haha) would be bashing it more. Of course, I can see why though as it would be newsworthy given that BlackBerry is known for security.

[JuiciPatties]

...What is even more hilarious is people talking about Facebook and Google mining data, when almost every tech company from Microsoft, Apple, Sony etc... do it to.

So who exactly is saying that only those companies are mining data? I think everyone knows that a number of companies are mining data and perhaps sharing it or selling it with sister companies or third parties. Indeed, it is a huge business. Some of them are much better than others, or perhaps more overt about it, and that is why they come to mind much more readily than others. No one is suggesting that it is only Facebook and Google.

[TheAuthority]

So who exactly is saying that only those companies are mining data? I think everyone knows that a number of companies are mining data and perhaps sharing it or selling it with sister companies or third parties. Indeed, it is a huge business. Some of them are much better than others, or perhaps more overt about it, and that is why they come to mind much more readily than others. No one is suggesting that it is only Facebook and Google.

Furthermore, unlike Google and facebook, those other companies' entire business model doesn't consist of data mining.

[TgeekB]

Don't use the internet, sell your smartphones and computers, don't go outside, turn off the lights, pull the covers up over your head. You should be safe now.

Unfortunately, we live in a world where we are all interconnected, like it or not. There is no way, other than my first statement, to avoid it and i doubt life would be very enjoyable. We have to just be aware, be smart, and go about our business. I don't see another way.

[valer466]

Is anyone ever going to give up using WhatsApp (save for the only i and my 0.5 BBM contacts have BBM, i don't need Whatscrapp crowd).

It's a necessary evil. Much like spam invites and ads in chat window and video/static ads in BBM feed (which we can pay to remove, but it isn't supposed to be there on a platform that already has a stigma attached to it)

[kg4icg]

I gave up using WhatsApp a long while ago.

[anon(9607753)]

Don't use the internet, sell your smartphones and computers, don't go outside, turn off the lights, pull the covers up over your head. You should be safe now.

Unfortunately, we live in a world where we are all interconnected, like it or not. There is no way, other than my first statement, to avoid it and i doubt life would be very enjoyable. We have to just be aware, be smart, and go about our business. I don't see another way.

Yet another lecture addressed to an imaginary audience of "tinfoil hat-wearing BlackBerry users"...LOL

It must really bother people like you that some of the smartest, successful, and important people in the world still use BlackBerry.

[TgeekB]

Yet another lecture addressed to an imaginary audience of "tinfoil hat-wearing BlackBerry users"...LOL

It must really bother people like you that some of the smartest, successful, and important people in the world still use BlackBerry.

Your bias allowed you to misinterpret my comments, but if it makes you feel better...

[VinLou]

Why fix something they have known about for a year now or more. Why stop unlimited access????? It's not FB model. Don't know why people have a FB

No Shade Just Light!!! Silver Passport 10.3.2.2639

[anon(3732391)]

I just came across this article on the Guardian about a flaw in Whatsapp that allows FB to snoop on your conversations without your knowing. They can change the encryption keys without notifying you. The Signal protocol is not at fault but the implementation is flawed.

Forget worrying about the minor flaw.
This is the 'FLAW' you should be worrying about


With Border construction on the docket you may wanna rethink vacation plans and see what this "great country"... The U.S. of Trump has to offer.
It won't solve this particular issue to your liking but, it will solve the issue, just the same.
Forget about your own personal freedom and privacy. (call it what you want.) You lost both of them long ago.The only difference is , before... they could (and still do) access your device without your knowledge. Now, they've just added a more "personal touch' to invading what you think you still have. You really should get your faces out of your toy phones and look at what's about to happen around you on a scale of ..... well, think of it as ...far off the scale as you can imagine and triple that.
In the coming weeks, you can say goodbye to the FCC and Net Neutrality.

Take a vacation that you will truly remember for the rest of your life.
Come see the country's Biggest Spy Center.
If you want to see what this great country is really about, you will not wanna miss a visit to Mormon Country, where religious pioneers first arrived more than 160 years ago. They came to escape the rest of the world, to understand the mysterious words sent down from their god as revealed on buried golden plates, and to practice what has become known as “the principle,” marriage to multiple wives. (How cool is that!)
Bluffdale (somewhere south of Salt Lake City) is home to one of the nation’s largest sects of polygamists, the Apostolic United Brethren, with upwards of 20,000 members. The brethren’s complex includes a chapel, a school, a sports field, and an archive.
Just down the road aways, less than a mile from brethren headquarters, new pioneers have quietly moved into the area in the past several years. Like the pious polygamists, they are focused on deciphering cryptic messages that only they have the power to understand.But this temple is filled with servers, computer intelligence experts, and armed guards. And instead of listening for words flowing down from heaven, these newcomers are secretly capturing, storing, and analyzing vast quantities of words and images hurtling through the world’s telecommunications networks.
Its purpose: to intercept, decipher, analyze, and store vast swaths of the world’s communications as they zap down from satellites and zip through the underground and undersea cables of international, foreign, and domestic networks.
But,this temple and archive, is a massive complex so large it is more than five times the size of the US Capitol. The heavily fortified $2 billion facility in Bluffdale encompass's 1 million square feet. built by the largest and most powerful Terrorist Organization on the planet and known as The Intelligence Community Comprehensive National Cybersecurity Initiative Data Center,
You've seen them, you know them, you joke about them.. Now, you will learn to fear them.
They are The National Security Agency. They are the corruption that you know as The government of The United States of America. And you're responsible for finally giving them the power to do pretty much anything they want to.
This debate about your mobile devices and security is no longer debatable because you can't debate about something that doesn't exist.

You may still have time to get involved with the issues concerning digital micro-chip implants, that if all goes as planned, will start being implanted into every new born Baby around June of this year 2017.

Oh... If you DO decide to go out of the country for vacation.... pack an extra bag, just in case!

[anon(9607753)]

Your bias allowed you to misinterpret my comments, but if it makes you feel better...

I stand corrected, oh benevolent and enlightened smartphone mentor who posts on random internet discussion forums. Lol.

[TgeekB]

I stand corrected, oh benevolent and enlightened smartphone mentor who posts on random internet discussion forums. Lol.

(Edited). Whatever. 🤣

[sorinv]

Don't use the internet, sell your smartphones and computers, don't go outside, turn off the lights, pull the covers up over your head. You should be safe now.

Unfortunately, we live in a world where we are all interconnected, like it or not. There is no way, other than my first statement, to avoid it and i doubt life would be very enjoyable. We have to just be aware, be smart, and go about our business. I don't see another way.

So, I am guessing you are of the opinion that nobody had much fun 25 years ago or earlier because they didn't get probed by Google, Amazon, Microsoft and the rest of the data miners and hackers of any political orientation and security service.

Posted via CB10