SUMMARY
- The EU has identified WhatsApp as a gatekeeper in the messaging industry and has given it a few months to enable interoperability with other apps.
- The EU’s Digital Markets Act aims to promote fair competition and give consumers more options for alternative services.
- WhatsApp has already begun working on interoperability with other apps, potentially allowing smaller players like Signal to compete more fairly.
I can’t wait for signal/session/simplex to be whatsapp compatible, but I’m not sure they can provided the e2ee gurantees since whatsapp is closed source.
I’m not sure they can provided the e2ee gurantees since whatsapp is closed source.
Uh, news flash: Signal and Meta are business partners and WhatsApp (just as Facebook Messenger) uses Signal’s encryption:
The ability to sell proprietary versions of Signal libraries is literally the reason for Signal’s Contributor License Agreement: https://signal.org/cla/
it’s still closed source, so we can’t make guarantees about WhatsApp conversation participants.
so we can’t make guarantees about WhatsApp conversation participants.
“We” can’t but Signal, who work on WhatApp’s source code, can: https://signal.org/blog/there-is-no-whatsapp-backdoor/
tldr: When contacts have verified each other, communication is secure.
If you think that Signal can’t be trusted, you should not use their client either.
signal may have given a fully vetted and correct implementation to whatsapp, but because its closed source we don’t know if it has changed, or if its really implemented on all conversations.
It changes the trust model of conversation participants.
To answer your query, if signal was closed source, I wouldn’t trust it either.
signal may have given a fully vetted and correct implementation to whatsapp
They were not “given” it. They are literally the contractor who worked on that: “Over the past year, we’ve been progressively rolling out Signal Protocol support for all WhatsApp communication across all WhatsApp clients.” –https://signal.org/blog/whatsapp-complete/
but because its closed source we don’t know if it has changed, or if its really implemented on all conversations.
I’m not an encryption developer. I can’t vet this for Signal’s own app either.
…and because its closed source, community cryptography developers and researchers can’t vet it for you either. That is the core issue, its not about trust.
It’s about capabilities that inform the threat model, and the exposure model.
removed by mod
Please keep it civil.
Copy that, ghost rider. That’s my bad.
You could be right for all I know, but only assholes begin their statements by saying “news flash”.
The self-proclaimed rapist is really one to judge…
Ever heard of TV?
I assume it’s a reference to It’s Always Sunny in Philadelphia.
I assume it’s a reference to It’s Always Sunny in Philadelphia.
So he calls himself a rapist and others “assholes” just for fun? Phew, I’m so relieved. I really thought he violated rule 9 (No offensive or unhelpful content) just for a second…
removed by mod
I fear that Signal won’t implement cross compatibility for WhatsApp since they already said that they are not a fan of potentially giving up E2EE to get it to work. And I can understand that but I still really would like to have the cross compatibility.
I hope Signal doesn’t if it won’t be E2EE. I like knowing that if it’s in Signal, it’s E2EE, and being able to tell less technically sophisticated people to whom I recommend Signal that everything in it is secure against eavesdropping.
Beeper will do it, if you self host, it shouldn’t be terrible
deleted by creator
At least that’s what they said it uses.
Signal and also lots of other privacy focused messenger-services (threema e.g.) already said the will not implement this forced interoperability since it will lower their already high standards regarding their users privacy. Sad but i guess it makes sense :(
So users of those apps will have to install the even less secure apps to converse with “normies”. Great move.
Does anyone know what level of interoperability is required? Like basic text, pictures, emoji… or every feature including things like location sharing?
Full Unicode text and images is likely all we’ll get, but honestly I never understood the appeal of all the crap they stuff into (say) iMessage.
I don’t know iMessage, but some of the more advanced features in WhatsApp/Messenger are great. I use shared location almost daily, voice messages are great too.
Good question. Because it could end up like the interoperability of MSN Messenger and Yahoo Messenger of the early 2000’s. It was crap.
deleted by creator
No it won’t.
My sister was angered when I quit whatsapp (and facebook), asking me reasons why and if it was because I didn’t like her. Told her I like my privacy. Haven’t heard of her and a lot of other family since who only like to communicate through social media. Good.
I like SMS and Signal, only people that care for me are using that because I asked them to.
only people that care for me are using that because I asked them to.
That logic works both ways. You don’t care about them enough to use WhatsApp/Facebook it seems to me.
I’m there with you on the ideals, after all here I am on Lemmy (and mastodon fwiw) with Reddit and TwitterX deleted.
But, everybody I am close to in everyday life is a normie for lack of a better term. I don’t have to use Facebook regularly, for example, but there is a practical value to just having it available and checking notifications from time to time.
Kind of like how I’m looking through some code in Linux at work today, but it’s running in a VM on my Microsoft/O365 equipped PC. Much like with Facebook, factors outside my control necessitate using it, so I accept it without stressing myself.
I’m not trying to argue or convince you to change your ways though! FLOSS and privacy need awareness and advocacy, and therefore need strong outspoken supporters!
Chad move
Cutting off your family because you care about privacy is still weird unless you have poor relationship with them. Op mentioned not hearing back from them so it seems they’re not even using any other methods.
That honestly sounds more sad than anything else.
Sad chad
WhatsApp can eat a crap
I won’t use it either
Fuck that, fuck them they belong in the digital bin. I don’t want WhatsApp to be able to connect to Signal or anything else. Sounds like a gigantic security risk.
“I don’t want these Signal encrypted Matrix protocol messages on my Signal encrypted Matrix protocol messaging app, it’s a gigantic security risk”
deleted by creator
Yeah, fuuuuuck that. I use Signal for a reason.
Yeah and I’m kinda liking the “either use signal or leave me the fuck alone” part of it.
This is such a silly take. If you will talk to signal users, you won’t interact with this tech. If you want to talk to whatsapp users, right now yo need to have the app which is much worse!
WhatsApp and Signal use the same Signal developed protocol for E2EE
And yet one of them is from Facebook and the other one is not…
deleted by creator
Would be awesome if EU demanded that they made at least the message handling part open source.
deleted by creator
Well, that’s correct. Apologies.
deleted by creator
Exactly.
Signal interoperability
I support it but this doesn’t sound legit
Nice try, WhatsApp.
The fact that iMessage got the exemptions underpins the entire act. I would any day switch to Signal, if there is 1:1 interoperability b/w the platforms.
They got a exception because npbody uses that insecure garbage here, everyone uses Whatsapp tho so this makes a lot of sense!
Apple just claimed an exception. It’s still up to the EU to determine whether it is actually exempt or not.
I’m sure I read that they got the exemption approved.
That’s because iMessage isn’t big in relative terms. It’s pretty much only Apple users (and to make it worth it, you pretty much need a phone, just having a mac.and relying on iMessage isn’t very useful tbh) and people don’t always realise it but iOS isn’t that big. It’s a minority in the smartphone world.
Nobody here uses it though
Yes. Thankfully.
It’s because there’s not enough people in the EU actually using it.
iMessage is not considered a gatekeeper in Europe because pretty much nobody uses it. That’s why it’s extempted.
Here people use it as a better SMS. Group chats are all on Discord for my generation and the older generations primarily use FB messenger I believe.
It’s really on American regulators to hold American companies accountable if they abuse their dominant position in the American market to the detriment of American consumers.
@TheMadnessKing @floppy in Europe for most people iMessage is just the SMS app. Even though it pisses me off that Apple got away with it, having WhatsApp to comply with this is just huge. Everyone here uses WhatsApp, and now I won’t be forced to leave Signal anymore.
Whoa this is bonkers! Would be great if all apps supported RCS as a fallback
deleted by creator
Genuinely interested:
Made obsolete by what protocols?
Why is this being presented as “whatsapp will be the one and only” instead of “whatsapp won’t be the only option”? The DMA will users to install nearly any chat app and chat with users from another chat app.
Where are you getting “the one and only” from? Are you misinterpreting “one-stop solution”?
What are you interpreting “one-stop solution” as?
Cool so I can decide to use Signal for privacy reasons and if the other party uses WhatsApp all my chats with them are read by Meta? What is the point?
deleted by creator
You can install both apps and transition one friend at a time
No, it’s still E2EE. Meta can’t read it as far as anyone knows. Meta will know that the other person has you in their contacts (they already know this) and that they are messaging you, that’s it.
Meta writes the software that runs on the other end, and it’s closed source. Therefore for all we know, the message is end-to-end encrypted, and the moment it is decrypted on the other end Meta can send it back to their servers or use it for advertising. Unless the client at the end is open source and audited, E2E doesn’t mean much imo
Well, I think you’re the only one who thinks that E2EE doesn’t mean much.
deleted by creator
So, this isn’t quite as valid a fear as you seem to think. There will be a lot of very smart people analyzing the shit out of what the app appears to be sending to Facebook servers. True it’s closed source but that doesn’t mean it’s impossible to catch them doing fucked up shit. How do you think we currently know about things they do like this? Do you think Facebook told security experts just to be nice? Or do you think the experts figured this shit out on their own?
Sure, good point. But you do agree that it’s harder to trust something that explicitly hides from you what it is doing?
Oh I agree they’ll do every bad thing they can get away with. I just think they wouldn’t get away with decrypting the message and sending it straight to FB
I did get their point and what I’m saying is that back doors like this are discussed all the time and as of now, there’s no proof that they exist. To the contrary, we have information confirming that content of E2E encrypted messages is not available to government agencies. Claiming otherwise without proof is simply spreading disinformation.
If somebody hands me a black box, tells me what’s inside, how is the burden of proof on me? I have to trust them blindly until somebody proves that there is something bad in the black box? No, I ask for a transparent box in the first place.
WhatsApp being a black box means we don’t know how it’s doing things but we can still know a lot about what it’s doing and what it’s not doing. For example we know it has permissions to access all the contacts and we know when it’s accessing device location data. We also know from FBI documents that they can’t access content of E2EE messages or how much data it’s transmitting and when. It would be hard for Meta to transmit all received messages to their servers without anyone noticing. It’s good you prefer OSS but it doesn’t mean you can make wild claims about some security flaws like that.
That’s not it. It’s E2EE but Meta gathers all the metadata from Whatsapp including who you contact, when, where, how large the messages are, what times you’re online and for how long, phone numbers, names etc. That’s plenty of info to create a profile on users and their connections with each other, as is Facebook’s MO.
That’s exactly what I said. They will have meta data but will not be able to read chats. What are you disagreeing with?
Whatsapp encrypts top and it’s your choice to write with someone on Whatsapp… 🤦
What is the point?
The point is that you are not using Whatsapp to talk to them. Which is inherently an improvement since they only get one sided metadata.
deleted by creator
It does not. Discord was not recognized as a gatekeeper.
Nostr fixes this.
Simplex.Chat fixes this.
I have a whatsapp because my dad wanted to be able to call me without international long distance fees. He’s called once and I get endless amounts of spam. I’ll be seeing him in a couple of weeks, and I can hopefully switch him to LINE (what everyone uses here) and get rid of this app for all and get the last cancer of Meta out of my personal life.
WhatsApp is fundamentally bad and anti-consumer because it is proprietary. When people are not allowed to understand, change and redistribute the source code, the people will ALWAYS be milked and abused in some way. Trust me. LINE is also closed source and unfree, so it would only be a matter of time until that company fucks you up and you want to switch to another messenger. The most popular open source/ free messenger would be Signal. Conceptually the most promising one in my opinion is SimpleX Chat, if you want to be a bit more adventurous
No one I know is going to change to those. LINE also has other business stuff built in for interacting with companies (customer service for my massage place, my dentist, etc.) In an ideal world, sure, but it isn’t going to happen.
I have a similar issue but I am able to use SMS for those few people, most of them are relatively easy to convince of Singla in my experience, it’s as easy as it gets, basically whatsapp in secure!
LINE is the worst for spam though.
Really? I’ve gotten almost no spam in the last decade or so I’ve been using it. The one time I did, I think the account had been hacked.
Back at you with whatsapp too. I still dislike it but not because it generates spam, at all. Do you mean that you get messaged by spammers though whatsapp? I only use it to chat with family memebers and I have no issues with notifications or anything. Maybe I have blocked some notifications but you can do it too.
Yeah, I get tons of random messages from people I don’t know. A couple are recruiters who are finding my number on my CV, but most are just “hi sweety, do you have time to talk?” from random numbers all over the world.
Huh, that means that your phone number was sold to call centers. There’s a thing called the robison list in europe, idk if it works worldwide, where if you put your phone number in that list call centers can’t legally call you. I’ve recieved zero spam since I put my number in that list, but it seems surprising that recruiters are contacting you through Whatsapp instead of calling you, emailing you or just sending you a message through LinkedIn, that’s seems excessively aggressive.
Damn, I don’t really have a solution besides marking them all as spam, but new numbers will keep coming so idk if there is a good solution, sadly. Just a note though, if you are receiving that much spam through whatsapp is noe because it’s whatsapp specifically, it’s because it’s the most used app in europe and spammers try to contact numbers from their list though the common apps by default.
Signal will soon be your one stop solution for all your chat apps
Fixed that for you.
* Except SMS
especially SMS
letitgo.gif
