SoylentNews is people
SoylentNews
posted by
cmn32480
on Tuesday April 05 2016, @11:17PM
from the what-about-beginning-to-beginning dept.
from the what-about-beginning-to-beginning dept.
The title pretty much says it all. According to the report:
the service will encrypt all messages, phone calls, photos, and videos moving among [the devices].
Moxie Marlinspike is involved, so they have a chance of getting it right, and no one, even WhatsApp, will be able to know what you”re saying, texting, viewing, &c. (Unless, of course, your widget is running malware, or the opposition can get their mitts on it.)-: They claim this is available on nearly a billion devices—this is a really big deal.
takyon: Alternate links with no Wired paywall: TechCrunch, Washington Post, CNET, Reuters.
This discussion has been archived.
No new comments can be posted.
WhatsApp Encrypts End-to-End in Latest Version
|
Log In/Create an Account
| Top
| 52 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
No self-made man ever did such a good job that some woman didn't
want to make some alterations.
-- Kim Hubbard
(Score: 3, Insightful) by opinionated_science on Tuesday April 05 2016, @11:43PM
1) I have Signal. Until I get Whatsapp source code, it's a cute announcement, but carries no weight. This is because the Govt has made it illegal to disclose if you put in backdoors...(Still the major WTF? )
2) None of my contacts seem to have the secure update....!
(Score: 1, Insightful) by Anonymous Coward on Wednesday April 06 2016, @01:40AM
(1) Signal depends on the google play store's closed source api, so while it isn't as untrustworthy it is still untrustworthy pick your poison
(2) Patience Give it a few days for it to roll out
(Score: 2) by frojack on Wednesday April 06 2016, @05:26AM
Did the Patience bit, with Signal.
Invited several people, couple tried it, and then ended up deleting it because all their friends were on another service.
Deleted it.
Same with Proton Mail. It wouldn't inter-operate with normal GPG/PGP encrypted email. How hard would that have been to add? Deleted it.
Same thing with Telegram. Nobody home.
Deleted it.
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Wednesday April 06 2016, @10:34AM
None of that applies to WhatsApp which has a billion users.
(Score: 0) by Anonymous Coward on Wednesday April 06 2016, @11:36PM
That second point was about working with PGP or GPG.
(Score: 2) by kadal on Wednesday April 06 2016, @03:19PM
SIgnal only uses GCM to tell the device there is a message waiting for it on the server.
(Score: 2) by Pino P on Wednesday April 06 2016, @08:11PM
If the intent is to cover Fire OS devices, which don't ship with the GCM library, one could try using ADM, Amazon's counterpart to GCM [amazon.com]. But that appears to be proprietary as well, as it works only on Fire OS devices, not all devices that can run Amazon Appstore. So what push mechanism should free software for Android be using instead? F-Droid lists alternatives to several proprietary libraries [f-droid.org] but not to GCM.
(Score: 0) by Anonymous Coward on Wednesday April 06 2016, @09:38PM
That's true, but it misses the point.
Signal makes a call into the GCM binary blob.
Once it starts executing GCM code, there are no guarantees.
It also means you have GCM's various services running on your phone, so even if Signal doesn't directly execute compromised code, your phone may still be compromised because GCM is sitting there in the background doing housekeeping.
(Score: 3, Insightful) by Runaway1956 on Wednesday April 06 2016, @01:51AM
2) is a killer. Few of my contacts see any point in encrypting anything. Those who see a point only encrypt now and then. None can be bothered with full time encryption. No encryption app "works" if the intended recipient can't or won't install the software needed to decrypt the message. Those who only encrypt the odd message that they consider "important" are self defeating - surveillance knows what he'd doing all the rest of the time, so the odd encrypted message draws their attention. Chances are, if they know everything else, they have a good chance of deducing what he put in his encrypted message.
Encryption should be an integral part of all operating systems, as well as application. Joe Sixpack shouldn't have to think about it, he shouldn't have to opt-in or opt-out. Joe doesn't want to think, or make decisions.
Abortion is the number one killed of children in the United States.
(Score: 2) by hemocyanin on Wednesday April 06 2016, @04:35AM
Signal is pretty cool in that you can replace your normal SMS app with it. You can use it to communicate, unenecrypted of course, with non-users, and encrypted between users.
One of the main issues with something like whatsapp, is that BOTH parties HAVE to install it, meaning that many people will be annoyed by having to run two different apps and remember who to use the encrypted app with. When people can use one app for both types of contacts, it lowers the barrier to entry for that individual (at the expense of making it easier to mistake who is who) and thereby makes it more likely for the app to spread over time.
(Score: 2) by kadal on Wednesday April 06 2016, @03:22PM
They probably already have it. There is no rollout. My app updated sometime last week. Message anyone with the latest version and it'll popup a message saying the chat is now encrypted.