Why WhatsApp Will Never Be Secure
graph.org
external-link
The world seems to be shocked by the news that WhatsApp turned any phone into spyware. Everything on your phone – including photos, emails and texts – could be accessed by attackers just because you had WhatsApp installed [1].   This news didn’t surprise me, though. Last year WhatsApp had to admit they had a very similar issue – a single video call via WhatsApp was all a hacker needed to get access to all of your phone’s data [2].  Every time WhatsApp has to fix a critical vulnerability in their app, a new…

This is an article written by telegram’s founder and CEO Pavel Durov in 2019 on “Why whatsapp will never be secure”. Your thoughts?

I’m confused regarding why you don’t consider telegram a private messenger.

Never has been, no default e2ee, and those exploits that leaked a ton of users locations.

Not to mention, no messenger is verifiably private unless it is fully open source.

@Dra@lemmy.zip
link
fedilink
210M

Telegram isn’t, so you must be very confused indeed

datendefekt
link
fedilink
1210M

It’s been a while since I looked into it, and things might have changed since then, but some stuff off the top of my head:

  • Messages are stored on the server, not on the device
  • end-to-end encryption not enabled by default
  • uses proprietary encryption, making security audits difficult

Apart from that it’s somewhat politically questionable, based in Dubai (I think), with dubious financial backing and Russian developers. Because it’s closed source and the encryption is proprietary, there’s no way of knowing how much info it leaks.

Clot
creator
link
fedilink
5
edit-2
10M

Messages are stored on the server, not on the device

Yes, pretty much necessary to provide multidevice support

end-to-end encryption not enabled by default

True that and telegram sucks big here, but I donth think e2ee can be enabled in a feasible way for multiple devices.

uses proprietary encryption, making security audits difficult

The MTProto isnt open source but its fully documented, there have been security audits on it.

dubious financial backing

No. Pavel Durov have always said since starting he paid for telegram’s servers from his pocket, in recent years telegram has started monetisation programs to cover its costs.

Russian developers

The founders were born in Russia, but they now have dual citizenship of UAE and France. If you are talking about politically questionable, even signal have been accused of having backdoors for CIA.

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

  • 1 user online
  • 57 users / day
  • 383 users / week
  • 1.5K users / month
  • 5.7K users / 6 months
  • 1 subscriber
  • 2.96K Posts
  • 74.6K Comments
  • Modlog