Original post text
Given the recent detainment of a French person who got detained because he said something bad about the current administration in his WhatsApp messages. It makes me wonder if WhatsApp is truly end to end encrypted as they claimed. How did they even single him out?
As a corollary question, if I were to pass Customs, and if I delete WhatsApp , Reddit etc just before I reach the counter, will they be able to find out that I just deleted the apps minutes ago? I’ll be deleting them from my phone but keep them on the cloud.
WhatsApp uses client-side scanning, which breaks end-to-end encryption by recording data before it gets encrypted or after it gets decrypted.
Man I just can’t get over all this free speech there is on Reddit. Just like how Twitter is legit America’s Town Hall, if you’re the “right kind” if American.
Use screenshots instead of links.
I did upload a screenshot with the link, but I guess it’s inaccessible… Here it is in full resolution
The oligarchy knows the whole tech sector is going to implode, and they’re trying to stave it off by curtailing criticism. Cute, and useless.
Go lemmings!
The Customs and Border Protection agents have authority to request a foreign entrant (even with visa) to unlock their phones. They can also deny entry if the entrant doesn’t cooperate.
So they don’t need to have backdoor access to WhatsApp. They can get in through the front.
My understanding is that this is what happened. They searched his phone, found the messages, then detained him.
WhatsApp has long been known to not be private
Do you think they all got instructions by the government what to censor or is it just masks off now?
It’s very easy to take over a subreddit or Lemmy community. Become friendly with the mods, then become a mod, then subtly harass and drive out (from separate accounts) any moderators who are standing in your way, then do whatever you want.
There is a whole industry of “reputation management” that specializes in distorting the narrative on the internet in favor of your company / your government / whatever. The question is not “are there gangs of Reddit moderators who are bad actors trying to distort the conversation,” the question is how many and who they are acting on behalf of.
Of course, Lemmy copied Reddit’s fairly silly and failure-prone model. Why they did that, I don’t know. On Twitter / Mastodon-style networks, you can do the same but you at least have to be a little bit sophisticated about it. On Reddit/Lemmy, it is trivial to do if you are patient about it and put some consistent effort into it, and you can make a ton of money if you can do it well.
Lemmy has open modlogs. Also, on Lemmy the instance owner can still ultimately override anything a mod does as they control the database.
That’s why it’s important to pick the instance for a community carefully.
Hmm. FOSStodon team:
The moderators are the unsung heroes of Fosstodon. They’re the people who work every single report we receive, and take appropriate action to keep Fosstodon a friendly and inclusive place for all our members.
CarrotCypher
Role: ModeratorMODERATOR OF
r/privacy
r/Pareidolia
r/opensource
r/OSINT
r/tails
… and 51 more ⇒Yep
Become friendly with the mods, then become a mod, then subtly harass and drive out (from separate accounts) any moderators who are standing in your way, then do whatever you want.
!yepowertrippinbastards@lemmy.dbzer0.com is still a thing
!196@lemmy.world attempted takeover lead to !onehundredninetysix@lemmy.blahaj.zone
So I’m not sure it’s that easy
Yeah, but I think the 196 blowup was just home-grown hamhandedness. I don’t think that was anything malicious.
The moderation activities I’ve seen on Lemmy that I would interpret as malicious are a lot more subtle and do not show up on YPTB that I can remember. One example is anonymous /c/politics mods making malicious decisions (making it illegal to claim someone is doing propaganda, or running cover for UniversalMonk), and then shoving Jordan to the front to take all the heat for it. Another would be having a little tidal wave of accounts accusing one of the moderators (who is taking action against propaganda) of all kinds of sins, until eventually that person stops spending time on Lemmy again and the propaganda can stay.
I feel like the techniques for doing this kind of thing are pretty advanced at this point, and no one really has time to pay enough attention to counteract them. On reddit they can be more overt, because there’s not enough of a coherent community to notice or do anything about it, whereas Lemmy at least does have YPTB to keep it a little bit in check. So maybe on that score you are right, but I definitely don’t feel like YPTB means it’s not happening.
There was someone who did it professionally who showed up on Reddit at one point talking about their experience and techniques and it was pretty interesting and pretty depressing.
making it illegal to claim someone is doing propaganda, or running cover for UniversalMonk
That didn’t really go under the radar
Another would be having a little tidal wave of accounts accusing one of the moderators (who is taking action against propaganda) of all kinds of sins, until eventually that person stops spending time on Lemmy again and the propaganda can stay.
I know about this one, but let’s be honest, that mod was quite aggressive as well
Can you guys give details? I’m kind of curious about who you are talking about and what’s the propaganda. It’s better to be on the lookout for it in any case.
I’ll like to add something I’ve been saying for a while, the blocking capacities of Lemmy seem to be designed to allow for these propaganda instances/comms/users to stay at least visible, block an instace at user level? no biggie, you still have to deal with their users, defederated? no problem, someone from an instance that links both can just crosspost and it will appear on the feed.
This gets worse when we take into consideration who the devs are and the instances they own and their usage.The problem is those propaganda users, aren’t just contained into those instances, as an example, I moved to an instance that blocks the 3 main propaganda instances but still the only news I keep seeing about my country (🇲🇽) are only those approved by the government… guess what is that called? If I try to call it out I get downvoted (yes, even with those 3 instances defederated), it’s hard to add proof because most critics were kicked out of every media company so they were left with their own blogs or youtube channels (in spanish, obviously) and bots quickly disregard those and there’s just so many that it’s impossible as what it feels like if I was the only mexican on Lemmy (I know I’m not, but feels like it).
I think YPTB only works if other instance owners and admins actually care about keeping order on their instance, but they are still humans, they can (and will) make mistakes or plain allow some mod to do their shit… because who the fuck knows, until it’s too much/late and they actually have to step in.
I honestly think the fediverse can work, but Lemmy isn’t it, it’s too lax and too easy to drown in propaganda… hard for anyone that doesn’t speak english and extremely easy to get brigaded if someone doesn’t agree with your instance/nationality (like what happened to mujico and more recently lemmynsfw).
There may be some combination of this and political partisanry going on. This isn’t the only thread where one moderator is suppressing criticism of big tech and big government. I might need to take advantage of that community for recording some stuff, thank you for pointing it out.
Thank you that is more likely.
It’s more likely that Zuck or Musk paid someone to go play moderator. Anyone can become a moderator.
Another deleted comment
Note, it seems you are not allowed in this reddit to express an opinion containing doubt about the security of WhatsApp - it will be removed by mods. As such, you can not read the replies here and form a judgement about what the consensus is.
carrotcypher (mod) 1 point 3 days, 1 hour ago
Or, you know, obvious astroturfing as an excuse to promote alternatives is against the rules.
Or, you know, obvious astroturfing as an excuse to promote alternatives is against the rules.
The irony of that statement is that it ultimately seems like they are the ones astroturfing here.
Astroturfing is when you say something I’m paid not to like
Any time you hear about anyone high profile using a chat app - what are they using?
They’re using Signal.
There’s a reason why they’re using Signal; as far as security it’s the best one out there. Sure, it’s tied to a phone number, but a phone number isn’t an identity.
I agree with what other people are saying, the whole phone number requirement of Signal isn’t great since, for the most part phone numbers are intended to link to your real world identity. That means they are a very big weak link.
Also let us not forget that Signal is a centralized service run by one company. They have been very resistant in the past to the idea of decentralization and interoperability. I’m already very skeptical of people who claim to be a savior or hero of Privacy and security lie this, even more so when it’s a centralized service. You do know that WhatsApp started out like Signal did right? Look where they are now. You cannot trust a centralized service like Signal, especially one that forces you to provide real world identification. Signal can just as easily be sold and backdoored like WhatsApp was, decentralized services are much more resilient to that kind of thing.
Whatsapp was bought by Facebook and then one of the folks dumped their money into signal making it a self-funded org.
Phone numbers are heavily tied to a person.
What signal had going for it is encryption, but that major flaw of tied to phone number makes me doubt everything else they say.
The phone number link means forward security isn’t possible. If ever the encryption is hacked, all your messages could be forfeit by anyone who’s simply kept the encrypted data.
The phone number link means forward security isn’t possible. If ever the encryption is hacked, all your messages could be forfeit by anyone who’s simply kept the encrypted data.
Can you elaborate on that? Obviously the phone number has privacy implications, but I don’t think it can be used to decrypt messages. In the signal protocol, encryption keys are exchanged using ECDH (so wiretapping doesn’t work) and periodically rotated (so even knowing the encryption keys at a certain point doesn’t let you decrypt messages after that).
A phone number can be traced back to a person. If there is ever a hack or backdoor it can be traced. There are plenty of alternatives that are open source and don’t require any kind of identifier.
The comment that you replied to does not imply the phone number can be used to decrypt messages. All they are saying is that because Signal accounts are tied to phone numbers, a potential adversary already has one piece of the puzzle (who is talking to whom). If somehow, some way, the encryption were ever compromised, then the adversary would have both pieces—in other words, they would know not only who is talking to whom but also what they are saying.
If the encryption is ever hacked, knowing who you are is probably the least of anyone’s concerns. I would imagine that any adversary could build a profile or plan a response without knowing a particular phone number.
“These two people are planning civil rights activism here on Friday,” is just as useful as, “MLK Jr and Malcolm X are planning activism here on Friday.”
Thankfully, they’d have to not only break encryption but also MitM the conversations, since Signal doesn’t actually store chat data on their servers.
I think he is going for the idea once encryption is broke in the future… You name is tied to the content forever.
Without phone number it would be just some random content.
I’m really not sure what the point is other than to track identities after they got rid of SMS. Sure, have an optional number to make calls, but is this some legal requirement to be on app stores or what?
Phone number is KYC’d
It is literally an identity and thats why everyone forcing you to use it now.
Phonenumbers are easy to fake, I have two signal accounts without any ties to my person.
That’s jurisdiction dependent… I thought that this ability is very limited now
Yeah, in some countries you can buy SIM cards at 7-11. In others you need to submit your ID, connect your bank account etc
You can get numbers for verification online. No need for buying sim cards.
Heres my referral :) https://sms-man.com/?ref=qPLi0ekHzn_c
Or you can just ask someone to buy a sim card for you…
deleted by creator
The mods response is odd but also the comments are real. Who is dumb enough to think WhatsApp is safe?
Your post has been removed for being too specific to a company or single product. These days, reddit is heavily astroturfed with fake posts asking questions about companies and services by shills of those same companies and services as a form of fake organic advertising, and by competitors trying to create FUD to benefit their own product or service. This often takes the form or character assassination, libel, and conspiracy theories.
We don’t allow it, and in order to keep it from happening, we remove posts that are too close to astroturfing, corporate comparisons, personal Nd political opinions, ranting diatribes, etc.
If your question was legitimate (asking for pros and cons, potential issues, comparisons, etc), feel free to use subreddits more appropriate such as one for the company or service mentioned, or see privacyguides.org for community comparisons and recommendations to privacy focused open source software.
r/privacy moderators also censored this post with the same reason:
IRS nears deal with ICE to share addresses of SUSpected undocumented immigrants
Really makes you think.
Okay that’s absolutely insane. Glad I switched to here even though it’s quieter
Fewer people but 1000x the engagement. I switched last month and I already have more upvotes than my 15yo Reddit account. Also folks are way, way smarter here. I feel like I’m learning more than I contribute, opposite story on Reddit. Well welcome!
Glad to have you here, too. Its not as big as the reddit counterpart but I like this community.
Kind of you to say. Must be glad to have you here because voyager tags you as being upvoted by me a lot! :D
Redditors in tech subs… Got down voted to oblivion for trying to point out just because Whatsapp uses E2EE, that it doesn’t mean meta can’t extract the messages from the apps before and after transmission.
Well that’s a way to look at it.
This def feels like censorship.
We saw Lemmy.world mods uses these clown tactics when CEo got deposed.
They just make up reasons for it it seems as they go.
This is nothing.
The mods gave a fair reason and the post wasn’t critical of Meta, only the comments were.
The OP is free to ask that in the WhatsApp subreddit (where there are probably dozens of the exact same question).
Maybe they were astroturfing. Read the sidebar for the rules. Are they being applied evenly?
Search the subreddit. There are plenty of posts critical of Facebook/Meta.
Many accusations of astroturfing but no evidence. I thought it was obvious.
