Ask HN: How do we know that WhatsApp doesn't spy on messages?

6 points by fdeage ↗ HN
Yesterday I was talking about WhatsApp with friends, trying to explain how end-to-end (E2E) encryption works. One of my friend (who is not a techie) said I was naive to believe Facebook couldn't see users' messages, considering its awful track record on privacy.

I was about to confidently reply something about how, with modern encryption, you don't need to trust the server to pass messages securely... but something held me back.

I was so sure about the system privacy, and suddenly I wasn't.

I know WhatsApp claims to implement the Signal protocol, which is considered secure (so far).

But some questions popped in my head: - What's preventing WhatsApp from not using the protocol properly, or at all? - What's preventing WhatsApp from, say, also send secretly the message to itself? Or a digest of it? Or just some keyword matches? You know, for "analytics"? Or to comply with obscure child porn laws?

I use WhatsApp every single day, so this thought makes me pretty uncomfortable. The more I think about it, the less I'm sure. What I find the most convincing is that, if such a backdoor existed, a WhatsApp employee would have leaked it on HN already...

What do you think? Do you trust WhatsApp on this?

17 comments

[ 3.2 ms ] story [ 54.7 ms ] thread
(By the way, one day I sent a picture of a dress to my sister-in-law on WhatsApp. She told me that Instagram sent her an ad 5 minutes later, with the exact same dress.

It was so unlikely to be random that I checked right away to see if pictures were safe. It turns out that pictures received and sent are shared within all Facebook apps - Facebook, Messenger, Instagram -, at least on iOS)

As far as I know Mark Zuckerberg already admitted that Facebook is spying on the Messenger messages:

https://thenextweb.com/facebook/2018/04/05/facebook-confirms...

Now Zuckerberg is merging Facebook Messenger, WhatsApp and Instagram:

https://mashable.com/article/mark-zuckerberg-speaks-on-whats...

Thus we can be pretty sure that WhatsApp messages are also being monitored.

Yes, but he also claimed to be willing to implement E2E encryption in Messenger (the whole "the future is private" narrative that he tried to push last year).

Plus, merging 4 messaging app of this size probably takes some time. This doesn't say anything about today's WhatsApp IMO.

The first article talks about Messenger only, not WhatsApp, and the second article claims the opposite of what you're insinuating, namely that they want to introduce E2EE across their apps:

> "The first reason I'm excited is moving more to end to end encryption by default in our products. People like this in WhatsApp. I think it's the direction we should be going in. I think there's an opportunity ... to have encryption work in a consistent way across the things that we're doing."

What they certainly analyse and presumably monetise is the metadata.

You should study open source software (like the Signal app or the Matrix network). Furthermore, study "trusted builds" and trusted hardware -- attempts to proof that certain lines of codes are really running on a system. Then we can talk again about encryption...
I know there are other problems and unknowns when using WhatsApp on an iPhone. I do not see how this is related to E2E though... Does it mean that any try to secure communications on the iOS platform is irrelevant in your opinion?
1. You can't know. (Unless something confirming the opposite leaks in the future).

2. Facebook's reputation is so bad when it comes to privacy at this point that trusting them is just naive.

3. Even in the best case, your metadata is certainly used. Facebook didn't pay over $20 billion for a service with no monetisation model purely out of the goodness of their hearts.

4. Whatsapp has good network effects at least here in the UK - when your flatmates or coworkers have a group chat, you can't just say "Well, let's get everyone over to Signal.". You either use Whatsapp or go without the group chat.

1. OK...

2. You are restating my friend's argument, but the idea of E2E is precisely to remove trust from the equation. If applied properly, there's nothing the company controlling the server can do.

3. Most probably, but that's not the point here. My question is specifically about the messages themselves.

4. Sure, but not related to my question either :)

> the idea of E2E is precisely to remove trust from the equation

It doesn't do that. You don't have a way to verify what software runs when you send a whatsapp message.

Oh, it's worse. End-to-end encryption assurances are essentially in conflict with centralized control over software development and distribution. Literally the same organization end-to-end encryption is supposed to protect from is the one responsible for implementing and deploying that protection and doing that well and correctly.
Agreed, but I meant "properly implemented E2EE".
I really think that you aren't even trying to understand what other people are writing in this thread and you're just going back to the same ideas that were in your head before you asked your question.
I am not the original commenter, but to be honest, you are casually dismissing very valuable points.

You claim that Whatsapp has E2EE, and that eleminates the need to trust them. Well let me ask you something: How do you know they have E2EE? You can't view the source code. Unless it's an open source program, the need to trust Facebook is still there.

And Facebook's history of continously violating user privacy can't be easily dismissed as well. If a company repeatedly collects data without consent, and sell them to third parties, you would be very naive to take them at their word.

Also the fact that Whatsapp was sold for $20 Billion is a huge red flag. Facebook isn't stupid, they wouldn't pay this much money without having a revenue plan.

So as TL;DR: It isn't 100% guaranteed that Whatsapp isn't spying on you, but we got to the point that until Facebook proves beyond doubt that they aren't, it's safe and logical to assume that they are.

I'm not claiming anything about E2EE in WhatsApp. In fact, the whole post is about trying to know whether they implement it properly.
> WhatsApp employee would have leaked it on HN already

Employees don't need to be aware of the backdoor if they aren't the one's listening.

At least, I assume Whatsapp is already compromised by some state actor and Facebook is getting some kind of funding to look the other way.