Moxie Marlinspike: There is no WhatsApp 'backdoor'

by Volker Weber

We believe that it is important to honestly and accurately evaluate the choices that organizations like WhatsApp or Facebook make. There are many things to criticize Facebook for; running a product that deployed end-to-end encryption by default for over a billion people is not one of them.

We believe that WhatsApp remains a great choice for users concerned with the privacy of their message content.

Moxie calls out The Guardian for their reporting. This developing story also demonstrates something that irritates me in the security scene. There are those like Moxie who create secure systems. And then there are those who create strange edge cases to demonstrate their prowess and make sweeping allegations from there.

The issue with Facebook/Whatsapp is not that they snoop in on your conversation. They can do that in your Facebook posts, likes, and such. The real issue is that they mine your social connections to deliver their advertisement product. But you cannot take offense here when you are using customer loyalty programs at the same time.

It is great that the Guardian thinks privacy is something their readers should be concerned about. However, running a story like this without taking the time to carefully evaluate claims of a "backdoor" will ultimately only hurt their readers. It has the potential to drive them away from a well engineered and carefully considered system to much more dangerous products that make truly false claims.

Signal is not one of those dangerous products. It's the original implementation of the secure protocol.

Comments

Sounds like WhatsApp and Signal are going to become more similar:

"In an interview, Marlinspike said Signal was in the process of moving away from strictly enforced blocking. He also said that WhatsApp takes strict precautions to prevent its servers from knowing which users have enabled security notifications, making it impossible for would-be attackers to target only those who have them turned off."

(http://arstechnica.co.uk/security/2017/01/whatsapp-and-friends-take-umbrage-at-report-its-crypto-is-backdoored/)

John Keys, 2017-01-14

Recent comments

Volker Weber on SMB is Dead, Long Live SMB :: James Kehr at 00:43
Volker Weber on SMB is Dead, Long Live SMB :: James Kehr at 00:38
John Keys on SMB is Dead, Long Live SMB :: James Kehr at 00:24
Volker Weber on SMB is Dead, Long Live SMB :: James Kehr at 21:15
Frank Quednau on SMB is Dead, Long Live SMB :: James Kehr at 20:32
Simon Laule on SMB is Dead, Long Live SMB :: James Kehr at 20:22
Nina Wittich on Surface Pro X :: Das Gerät macht mir große Freude at 09:43
Lucius Bobikiewicz on Switching to Signal at 06:31
Ragnar Schierholz on Switching to Signal at 19:33
Jens-Christian Fischer on Switching to Signal at 14:23
John Keys on Office 365 im Tagesangebot at 10:20
Jens Wagner on Surface Pro X :: Das Gerät macht mir große Freude at 16:52
Hubert Stettner on Office 365 im Tagesangebot at 16:26
Volker Weber on Surface Pro X :: Das Gerät macht mir große Freude at 15:35
Jens Wagner on Surface Pro X :: Das Gerät macht mir große Freude at 15:26
Christoph Spitz on Office 365 im Tagesangebot at 13:38
Yves Menge on Office 365 im Tagesangebot at 12:44
Volker Weber on Marshall Monitor II A.N.C. :: Erste Eindrücke at 08:13
Maikel Maes on Marshall Monitor II A.N.C. :: Erste Eindrücke at 07:58
Jochen Kattoll on The Neighbor’s Window :: Oscar Winning Short Film at 22:21
Harald Gärttner on Microsoft Office app on Android and iOS at 15:09
Volker Weber on App-Store-Interna: Apple geht gegen Buchveröffentlichung vor at 14:55
Oliver Stör on App-Store-Interna: Apple geht gegen Buchveröffentlichung vor at 13:42
Volker Weber on Microsoft Office app on Android and iOS at 13:02
Harald Gärttner on Microsoft Office app on Android and iOS at 12:56

Ceci n'est pas un blog

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.

vowe

Contact
Publications
Stuff that works
Amazon Wish List
Frequently Asked Questions

rss feed  twitter  amazon

Local time is 06:04

visitors.gif

Paypal vowe