[anon(3732391)]

Now now children enough bickering.
While we only have the illusion of freedom it's still something and for now we still have choices.

Don't sweat the petty things and don;t pet the sweaty things.
These are exciting times we have to look forward to. It's great just to be alive not knowing if the planet will still be here in 4 years!!
Just think of it. If you're born on this planet you get a free ticket to the show. If you're born in America, you get a front row seat!!

Just one little hissy fit from Trump and............

[Tsepz_GP]

Furthermore, unlike Google and facebook, those other companies' entire business model doesn't consist of data mining.

LOL! What difference does it make, they still sell the customer data.

That's like saying drug dealers are better than Drug Lords as the dealers at least don't make the stuff.

Data is everything these days, anyone serious about retaining customers keeps a database and tries to keep that database profitable.

Don't use the internet, sell your smartphones and computers, don't go outside, turn off the lights, pull the covers up over your head. You should be safe now.

Unfortunately, we live in a world where we are all interconnected, like it or not. There is no way, other than my first statement, to avoid it and i doubt life would be very enjoyable. We have to just be aware, be smart, and go about our business. I don't see another way.

Exactly!

Unfortunately it seems many would love to believe that if they don't use a particular app or platform they will be completely safe from their data being mined, LOL.

I have a colleague he doesn't use Facebook as he says they sell your data yet he has a Bank Account, a Cellphone contract, Credit Card, a smartphone (BB Z10), clothing store accounts and uses public transport. It's the most hilarious thing to me as there are so many areas where he has completely given away his data and can easily be tracked.

Got to love the Tin Foil hats!

[Richard Buckley]

Hmmm am I missing something? When the encryption key changes, I gets a notice on Whatsapp that it was changed, so I know that there's a risk that my message was intercepted.

It's not perfect but again you gotta strike that balance between usability and security. If a message cannot be re-encrypted, then we would be complaining about something else here.

From the Guardian article:

The vulnerability is not inherent to the Signal protocol. Open Whisper Systems’ messaging app, Signal, the app used and recommended by whistleblower Edward Snowden, does not suffer from the same vulnerability. If a recipient changes the security key while offline, for instance, a sent message will fail to be delivered and the sender will be notified of the change in security keys without automatically resending the message.

So in the original Signal protocol when the encryption key changes, the message is not delivered (so it is not disclosed) the originator is informed and can send it again. There is no need in this case to give up security for usability.

[ControlsGeek]

Hmmm am I missing something? When the encryption key changes, I gets a notice on Whatsapp that it was changed, so I know that there's a risk that my message was intercepted.

The "flaw" in the WhatsApp implementation is that the notification that the encryption has changed (which only comes up if you configure it and by default is off) only notifies you after it has already forwarded your message or string of messages to the man in the middle ! I no longer consider it a backdoor but at least they could fix it so it allows you to resolve the key change before it sends your stuff to the new key holder who may not be your intended recipient

[bobshine]

The "flaw" in the WhatsApp implementation is that the notification that the encryption has changed (which only comes up if you configure it and by default is off) only notifies you after it has already forwarded your message or string of messages to the man in the middle ! I no longer consider it a backdoor but at least they could fix it so it allows you to resolve the key change before it sends your stuff to the new key holder who may not be your intended recipient

Ok I understand. Like you said it's not really a backdoor anymore, it's something they can easily resolve.

Also I guess for 99.9% of the people using whatsapp, it's a non issue cause no one would go to that length to read their message... and even less messages that haven't been delivered... cause this issue would only happen with specific conditions

[1122334455667788]

Here's an interesting explanation: https://www.eff.org/deeplinks/2017/0...alled-backdoor

[ohaiguise]

Don't worry you guys - Chairman Chen has singlehandedly made the most secure version of Android EVER!!!!!! Just buy a DTEK and you'll be totes protected against any bad stuff!!!!!!!!!!!!!!!1

[Prem WatsApp]

Sadly, the general population doesn't seem to care too much about security. If they did, I'm sure BlackBerry would be selling like hotcakes. Instead, folks are more interested in the fun and social apps and aren't overly concerned about the snooping of conversations and ability to glean data from their phone.

[...]

Most people's lives are mundane, trivial ... and whatever other words we could come up with.

There aren't a lot of whistle-blowers, hardcore underground journalists, newsferrets, and coming world-changers that might be a threat to the status quo...

;-D


•   10.3.3 - that's the go for me... ;-D   •

[Richard Buckley]

Most people's lives are mundane, trivial ... and whatever other words we could come up with.

There aren't a lot of whistle-blowers, hardcore underground journalists, newsferrets, and coming world-changers that might be a threat to the status quo...

;-D


•   10.3.3 - that's the go for me... ;-D   •

But all these people who probably don't need encryption at all really seem to be sold by the idea of unbreakable end-to-end encryption if not by what they have to do to get it. I often wonder how many people who believe that WhatsApp or iMessage is providing them "military grade encryption" even try to encrypt email.

In any case Security Now episode SN 595 has a balanced look at the question and what the implementation that WhatsApp uses actually means to users' security. If you care about this at all you should listen to that episode at least.

In the end it all comes down to trust. Who do you trust more, a company that tells you their chat product is end-to-end encrypted and even they can't read the traffic; but it turns out that they could if they want or are forced to? Or a company that is up front and tells you that the free version they can read and if compelled they will share with law enforcement, but has a paid products that are actually secure end-to-end?

LeapSTR100-2/10.3.3.2163

[silversmith75]

Cause face book wants all you data.

#luvmybb10os

[bobshine]

But all these people who probably don't need encryption at all really seem to be sold by the idea of unbreakable end-to-end encryption if not by what they have to do to get it. I often wonder how many people who believe that WhatsApp or iMessage is providing them "military grade encryption" even try to encrypt email.

In any case Security Now episode SN 595 has a balanced look at the question and what the implementation that WhatsApp uses actually means to users' security. If you care about this at all you should listen to that episode at least.

In the end it all comes down to trust. Who do you trust more, a company that tells you their chat product is end-to-end encrypted and even they can't read the traffic; but it turns out that they could if they want or are forced to? Or a company that is up front and tells you that the free version they can read and if compelled they will share with law enforcement, but has a paid products that are actually secure end-to-end?

LeapSTR100-2/10.3.3.2163

Well Whatsapp and iOS are in fact end to end encrypted and as secure or more secure than most paid or free end to end encrypted messaging services out there.

Now what you should ask yourself is this: which is more secure? A platform that is secure and universal and used by almost everyone? Or one that is secure but no one uses? If I want to communicate with my clients using BBM protect, I bet that none of my client uses it. How is that secure?