Mark Zuckerberg Says WhatsApp 'Far More Private and Secure' than iMessage (facebook.com) 92
Mark Zuckerberg, writing in a Facebook post: WhatsApp is far more private and secure than iMessage, with end-to-end encryption that works across both iPhones and Android, including group chats. With WhatsApp you can also set all new chats to disappear with the tap of a button. And last year we introduced end-to-end encrypted backups too. All of which iMessage still doesn't have.
What threat model? (Score:4)
"More private and secure" doesn't mean much by itself.
Who are you worried about having access to your chats?
A foreign government? Your own government? Your ISP? Your spouse? Random hackers? Apple? Google? Meta?
Some of these are likely more legitimate concerns than others.
Re: What threat model? (Score:5, Insightful)
It is very secure. It securely transfers the contents of your messages to industry partners and government agencies.
Re: (Score:2)
Be willing to bet META/Facebook is one of those partners that gets all your info .. Hence Zuckerbergs sudden LOVE for WhatsApp., Basically in terms of privacy .. because thats what we are talking about who sees your data I would be hard pressed to believe ANYTHING he says without seeing an in depth analysis. BTW if the NSA wants your data they either already have or can get it. Same for Russian intelligence or the Chinese.
Re: What threat model? (Score:2)
Re: (Score:2)
For iMessage, you should have the option to choose to fall back to unencrypted SMS.
Whoops! You accidentally wrote that backwards.
For iMessage, you should not have the option to fall back to unencrypted SMS. That's the danger of it.
Re: (Score:3)
I think what you are trying to say is:
For iMessage, you should have the option to choose not to fall back to unencrypted SMS.
Re: (Score:1)
For iMessage, you should not have the option to fall back to unencrypted SMS. That's the danger of it.
Why? Sometimes you want it to fall back to unencrypted SMS but you want that to be an option, what you don't want is for it to automatically fallback to SMS with no option to disable that behavior.
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
> so if the threat is one of your sex partners finding out about
You forgot you were posting on slashdot? lol
Re: (Score:2)
or for that matter phishing, so it is likely to keep unsophisticated users safer.
See I'd say the opposite. The odds that our less sophisticated users gets duped into installing some back-doored whatsapp look-a-like trojan thing or putting their information into on some untrusted platform seem rather a great deal higher to me than iMessage.
I have lot greater faith in the average person who is concerted with their privacy to get something from Apple or a reputable mobile carrier dealer, set up and Apple ID and start using iMessage. Warn them to pick a strong password and they should be f
Re: (Score:2, Insightful)
Mark Zuckerberg, who has spent the last 20+ years LYING about EVERYTHING, and whose entire business DEPENDS on spying on you, says that WhatsApp is far more private and secure.
Re: (Score:2)
Mark Zuckerberg, who has spent the last 20+ years LYING about EVERYTHING
That's not strictly true: he did let slip something [esquire.com] that was completely true - both in terms of saying what he really thinks and factually.
Re: (Score:2)
Not only that, but they're conveniently ignoring features that disrupt their preferred narrative.
Take "end-to-end encrypted backups" for instance. You'd think from that description that it was a WhatsApp-hosted backup service to which WhatsApp has none of the keys, but WhatsApp's FAQ on the topic [whatsapp.com] makes it fairly evident that it's really nothing more than a password protected file dropped onto Apple or Google's cloud. Most of us would more accurately describe their offering as a password protected file that
On whose authority? (Score:5, Insightful)
Zuckerberg may even be right about WhatsApp being more secure. But I am certainly not going to believe that statement based on his say-so.
Re: On whose authority? (Score:2)
Re: (Score:2)
Yup, especially about backups. I just tried to move from an Android to iPhone and it was impossible to copy the history. Sorry Zuck, but you obviously havenâ(TM)t tried the features you are talking about.
I don't know about that. His claim was that they are secure, and here you say that not even you have access to them. Sounds like the feature is working as ... unintended.
so what's the catch ? (Score:1)
it is sort of a fun game.
Zuckerberg and his empire create a secured chatting app that has no obvious way to be monetized.
Now to figure out what the catch is , because he sure as fuck isn't doing this to be "good".
Re: (Score:2)
Re:so what's the catch ? (Score:5, Informative)
Meta-data? It's right in the name. That's most important for surveillance.
Is it open source? No. Do we trust Zuckerberg?
Re: (Score:2)
While I can't prove he didn't mean that, it's obviously an attempt at humor, and we probably shouldn't take an attempt at humor to be a display of the naked soul.
I say things that aren't strictly true when I'm trying to be funny, though I care a lot about humor. (No I don't do it on slashdot lol, my post history is not funny.)
Re: (Score:2)
Re: (Score:3)
> But Zuck ain't providing any actual evidence to back up his claims
We live in a post COVID world. Evidence and claims can be made up on the spot and anyone that questions them is spreading disinformation. And putting our democracy at risk I might add.
Re: (Score:3)
Oh, you mean like a 27 technical white paper describing in great detail the end-to-end encryption used by WhatsApp, which adopted the open source Signal protocol?
No, they would never do something like tha- wait. oh, they did.
https://scontent-atl3-2.xx.fbc... [fbcdn.net]
Re: (Score:3)
From your "27 technical white paper:"
WhatsApp defines end-to-end encryption as communications that remain
encrypted from a device controlled by the sender to one controlled by the
recipient, where no third parties, not even WhatsApp or our parent company
Facebook, can access the content in between. A third party in this context
means any organization that is not the sender or recipient user directly
participating in the conversation.
"In between," they say, which is convenient because they control the endpoints. Show me the place where they assert (or better: transparently prove) that nothing is collected from either end.
Re: (Score:2)
Zuckerberg isn't a trusted source (Score:5, Insightful)
He might be right, however in general I have better experience from Apple keeping stuff private than from Meta.
Apples business model is mostly around selling the Device (and revenue from App sales) while Facebook is about selling data to advertisers. if whatsapp is so secure, then how is Meta suppose to make money from it?
Re: (Score:2, Troll)
...if whatsapp is so secure, then how is Meta suppose to make money from it?
Are we now completely beyond the concept of any company offering a service that provides value, and it actually costing the company money instead of making up a justification to exist by turning you into The Product?
Serious question.
Re: (Score:2)
Can we discus companies funded by Intelligence Agencies' venture capital in a separate category?
I'm not saying they're bad at their jobs, to be clear.
Re: (Score:3)
Some has to pay sometime. WhatsApp doesn't offer much in the way of ads, so how does it pay for itself?
The answer was below (Score:3)
https://www.investopedia.com/a... [investopedia.com]
Re: (Score:1)
When you have FB levels of cash it isn't always about making money. It can be about losing money as long as your competitors also lose money,
Once they're out of business you can charge what you want.
This has happened many times in many industries.
In theory it is illegal but good luck getting the government to do anything about it before the smaller company is bankrupt.
Re: (Score:2)
They get access to your contacts and your phone number. If you refuse to contact list permission, you see other users as just their phone number with no name. You need a working phone number to log in to the app.
Re: (Score:2)
Oh, and they charge companies to have accounts used for support. That is also revenue.
Re: (Score:1)
Re: (Score:2)
A For-Profit Publicly Traded Company. Really is only concerned about the Share Holders, who most don't care about the company, but just follow what money they bring in or is expected to bring in.
Ethical choices or putting your time and effort into making a product of value, without a way to justify the costs just will not fly. If Meta and Apple were a Private Company, they might make a good product, and do some things that will not fill the quarterly balance sheet, because the owner real interest is in t
Re: (Score:3)
...if whatsapp is so secure, then how is Meta suppose to make money from it?
Are we now completely beyond the concept of any company offering a service that provides value, and it actually costing the company money instead of making up a justification to exist by turning you into The Product?
Serious question.
So, a few things here. First, it's not like Facebook released some FOSS code or something. They *bought* Whatsapp. They pay programmers to regularly update the app. Servers and ISPs and other far-end resources are needed. Whatsapp isn't free, and at some point, yes, one must ask "what's in it for Meta"?
Apple does this already. iMessage is free and has no ads. However, what's in it for Apple is "keeping users in the Apple ecosystem where they pay for apps and music and videos and iCloud subscriptions and new
Re: (Score:2)
WhatsApp of yesteryear had a reasonable business model and it was awesome: $1/year for E2EE messaging. Lots of people could afford it, worldwide. Now WhatsApp is free and Facebook isn't being straight about the business model.
This is only tangentially related, but FB Messenger used to be XMPP until they made it all proprietary.
Re: Zuckerberg isn't a trusted source (Score:2)
The one big things with iMessage is that it works with SMS and simply provides an âoeenhanced experienceâ for those with iPhones. It is not locking you into Metaâ(TM)s communication platform.
Admittedly there is a bit of complication with iMessage when you decide to move to Android, but you can get rid of it.
Two things that WhatsApp has going for it are:
- that you donâ(TM)t need to worry about suddenly finding you are paying a $1 for a text when roaming, because it doesnâ(TM
Re: (Score:2)
iMessage's user identity is based on Apple ID, with the phone number being linked to an Apple ID. You've always been able to change phone numbers and update your Apple ID, or even use iMessage without a phone number by using the email address associated with the Apple ID.
Re: (Score:2)
That's been true thus far, with the added fact that they have built a significant business model around cross-selling services based on their device/app store monopoly.
As a result of that keep-it-the-company business model, Apple has had almost no scrutiny of the data they do collect. I'd also bet that they have very little internal auditing of that data, and a culture of sharing it freely for cross-selling purposes.
We really have no idea what Apple does with iMessage data or metadata, while we do know tha
Re: (Score:1)
Re: (Score:2)
There's still plenty of metadata for Meta to get their little analytic shitdiggers into without having the actual message contents. Such as who is messaging whom, how frequently, and how that correlates to other things recently browsed by the same linked user via InstaBook, and if the recipients of the messages then confirm the correlation through also accessing the same content on InstaBook.
So he may actually be right about the message security itself - it's everything else around it that Meta will mine f
Re: (Score:2)
Re: (Score:2)
Deleted my contact list (Score:3, Interesting)
I installed WhatsApp on my phone and where the phone used to last 5 days on a full charge, it went down to 12 hours.
I uninstalled WhatsApp and the battery life was back to normal, but in the uninstall process WhatsApp popped up a message saying that it took ownership of the contact list.
After that it deleted my contact list.
Will not be using WhatsApp ever again.
Re: (Score:3)
What does "take ownership of the contact list" even mean? I don't think iOS or the Android API allows this.
Whatsapp is actually probably one of the best-behaved apps of all that I have on my system in terms of power consumption. Right now it has taken 0.2% of the battery running in the background without interaction, and I haven't even tightly restricted it.
Re: (Score:1)
iPhone 12 Pro. iOS 16.x. Very light WhatsApp user but it's always on. Usage for last 10 days is 3%. Usage for last 24 hours where I sent and received a dozen messages and 1 screenshot, 12% battery usage.
3% not terrible but 12% for extremely light use? Meh
Re: (Score:2)
I have Whatsapp installed on my Pixel 6 Pro. It doesn't even make the list of applications using significant energy.
Perhaps their iOS app is a huge pile of shit? Perhaps there is a setting where you can calm it the fuck down on an iPhone, much like the "Optimized" setting for individual Android apps?
Re: (Score:1)
No such setting I can see. iPhone app stuff is pretty basic. You get "allow background refresh = on/off" and nothing else for most apps.
What tends to happen is shitty apps eventually get fixed so maybe some future update will be better but otherwise, pft.
My wife's family uses it so I can't really delete or disable it. My phone lasts more than long enough but things like this are unnecessary and annoying, certainly.
I've had android in the past and occasionally borrow someone else's so I know what current
Re: (Score:2)
Clarity: I'm absolutely not blaming Apple for Meta's shitty coding. I'm putting that squarely on Meta for doing the same lazy shit they always do - include huge libraries of crap just for one function they rarely use, bloating the fuck out of their code and doing god-knows-what in the background so they could save 30 minutes and not write their own lean library for doing what they need.
I think Android's power management customizability is a nice safety net to have in case you end up with apps that are quit
Re: (Score:2)
I installed WhatsApp on my phone and where the phone used to last 5 days on a full charge, it went down to 12 hours.
I installed WhatsApp on my phone and it made absolutely no difference.
WhatsApp popped up a message saying that it took ownership of the contact list.
Nope, you must have explicitly given it control. It can't just take it from you.
After that it deleted my contact list.
If it did that kind of bug would take the internet by storm. This is especially relevant given there are many highly populated countries around the world who use WhatsApp as a primary messaging service which is why it is the single most installed Android app on the planet, and the second most installed app on the iPhone.
I just wanted to point that out before
Re: (Score:2)
Re: (Score:2)
Sure you didn't install AppWhats instead?
a little insight (Score:5, Interesting)
Re: (Score:3)
You're required to install the app on Android or iOS to start an account. Compare that to Telegram which, even though it does require a phone number, does not require you to install the app on your phone.
It's pretty obvious the app install is mandatory because they need that to grab your contact list, location data, etc. Fast food places are at it now too, it's slowly becoming so that their food isn't affordable unless you install their app and use the code it gives you. DuckDuckGo required an app install t
Re: (Score:2)
Requiring you to install an app is a huge red flag. Just the fact that they're requiring you to run an executable where you could just as easily open a web site.
Thanks for pointing this out. We should make a MUCH bigger fuss about this sort of practice. I don't use anything that doesn't have a web fall-back. Usually this is just affects frivolous things like "loyalty" bonuses at coffee shops etc, so I don't fell like I am actually missing anything important.
You might say "who cares if the loyalty card leaks my data, there's nothing personal in there" but here's a possible scenario: Your real personal info was leaked in the Optus data breach. Now the attackers have
Re: (Score:2)
I thought the loyalty programs were frivolous as well until recently.
I work with a bunch of non-IT people, supporting a team of 6 out in the field, making sure their equipment stays connected. Sometimes I will go get food for them or vice-versa. I never understood why they were all obsessed with gross McDonald's breakfast, especially considering how expensive it is. $3.50 for a gross egg and cheese sandwich? I usually pack my own food instead.
Well, it turns out they are all running the McDonald's app on the
Re: (Score:2)
Well, it turns out they are all running the McDonald's app on their phones. When they order from the app, it's $1, and if it requires "points", it seems to be so little points that's effectively a consistent price of $1.
If they can give such a big discount, that would make me even more nervous that they are doing something with your data that is very profitable for them, and therefore probably not in your best interest :-)
Of course, it might be as simple as giving McDonalds enough information to optimise staffing, or minimise food waste by only preparing what they expect to sell, and neither of those are "bad" for you.... Where I live, loyalty cards/apps are more like "the tenth coffee is free" at best. To me, that's not w
Re: (Score:2)
McDonald's seems to be pushing new technology particularly hard. Many of the locations here now have cut down to 1 cash register to push everyone to the self-order kiosk. I tried it once, the UI was weird and was geared to pushing specific items rather than giving a static menu and letting you choose. Of course I had to get in line for the cashier anyway (and there was quite a line) so it saved me no time.
I actually used to like going to McDonald's. But now, between the high prices, long lines, and weird in
Re: (Score:2)
Secure! Hah!
If I know where you are it doesn't mean I also have access to the contents of your safe. Don't confuse security with privacy.
Shit that Zuckerberg says (Score:2)
On what planet does someone figure either of these are at all "secure?"
Re: (Score:2)
He only said "More secure"!
I mean, it could be more secure than having it broadcast on nationwide TV. That's "more secure".
are there ads on WhatsApp? (Score:2)
However, Zuckerberg does have a point about cross platform compatibility. And that's why I use Signal. There's no fucking reason for me to go near Meta products, but then again I've never been their target audience.
Why the hell should we believe you? (Score:3)
Mark, in all seriousness, with your track record, if you told me at noon that the sun is up, I'd go outside to check for myself.
Re: (Score:2)
Mark, in all seriousness, with your track record, if you told me at noon that the sun is up, I'd go outside to check for myself.
I wouldn't even get off the couch personally, as nothing that man says is of any interest to me.
Re: (Score:1)
I'd panic and wonder why the sun was gone.
Security != Privacy (Score:3)
More secure? Maybe. More private? Doubtful.
Look at all this crap that Whatsapp collects [nitter.it].
Why? (Score:2)
Why is he even comparing WhatsApp with iMessage? Is he trying to make out that they're the same thing? Or built with the same purpose? Will he be saying that it's better than your favourite XMPP app? Or your SIP app?
Re: (Score:2)
Yes. Typically these messaging apps will try to replace your default SMS handler with themselves until you untick the box.
Re: (Score:2)
As far as I'm concerned, all of these non-SMS messaging apps are the same thing.
Re: (Score:2)
Will he be saying that it's better than your favourite XMPP app?
Facebook Messenger used to be an XMPP app.
Non-factual claims (Score:2)
- WhatsApp is far more private and secure than iMessage
Using what metric?
- With WhatsApp you can also set all new chats to disappear with the tap of a button
What does this mean? Once sent, anyone can take a snapshot of the screen. How do you enforce remote data deletion, what if someone doesn't reconnect the device to the Internet? If I need to keep data 'secure' for eg. a court case, and the opposing party can simply delete the contents, how is that 'secure'? Again, what metrics are you using?
- And last ye
... and facebook would NEVER change your settings. (Score:2)
Anyone think we can trust Mark?
What about your contacts? (Score:2)
What's actually in it? (Score:2)
What reason do we have to assume that Whatsapp actually is end-to-end encrypted? Or even if it is, how do we know that there isn't also side-channel access from Whatapp's servers?
I don't really care if somebody reads my texts, so Whatsapp is fine for me. If I were the kind of person who cared though, I definitely wouldn't take Zuckerberg at his word.
Fox reports "Nothing suspicious" in henhouse (Score:1)
So Secure it doesn't work. (Score:1)
Re: (Score:1)
Uh... you're the customer, if I read that right.... Tell them no. If they want your money they need to provide you another way.
That's rich... (Score:1)
Old marketing gag. (Score:2)
So he's basically just assuming his competitor's premise that iMessage is secure, and then going for some secure++ messaging? That's all well and good, until you start picking at the original premise that iMessage is secure at all:
security = 0;
security++; # more secure!
Neither is secure (Score:2)
Both WhatsApp and Apple Messages do the key management for you. When someone else manages the keys, you can't be sure who's part of the conversation.
I trust Apple more than I trust Facebook not to insert someone else into the conversation. But I trust myself more than I trust either of them.
I will keep using Signal
Trust Zuck ?? (Score:2)
facebook has shown it'll sell data to whoever.. (Score:1)
..and whenever they want to pay for it...
apple - not so much.
Once someone shows you who they are... (Score:1)
Sure, while you are alive, Satan will live up to the bargain but it's only because Satan knows that it's gonna be able to rape your ass with a broken bottle for all eternity after you die.
If WhatsApp is truly more private and secure than iMessage, it is only because Facebook has found another way to take rape WhatsApp users.