• Off Topic
  • Whatsapp install help. Aurora says it contains no trackers.

Hello guys,

Im planning to install whatsapp in shelter app(work profile). I dont want whatsapp to know anything about my phone......literally anything other than files and contacts. My daily life needs whatsapp badly, be it for work, home tasks..etc.

In the setting i mentioned above, can anybody list what all things whatsapp can know about my device/myself? Will it get to know my imei? Or device hardware addresses like bluetooth/wifi, which can be used to identify my device? I dont even want it to know what device im using or what other facebook apps im using.

I also need to install banking apps and i need the same for them. Location is a compromise here though.

Please drop your suggestions guys...

    • [deleted]

    Grape-eneOS when you register it, it has your phone number, give it contacts access and it knows your relationships, give it access to media and it will have access to it, give it access to sms and phone and it will read all your texts and see your call history, give it access to location and it will be able to pinpoint your location. How do you keep private from WhatsApp (and Facebook for that matter)? By not using it. Don't look at the trackers, scrutinize all the permissions you give it.

      Grape-eneOS I dont want whatsapp to know anything about my phone.

      That's impossible as of yet. There's a number of small bits of information an app with no permissions can retrieve, it's usually harmless and poses no concern, but can be used to fingerprint a device. The FAQ has a very good entry about this topic, have a read: https://grapheneos.org/faq#hardware-identifiers

      Graphene1 https://reports.exodus-privacy.eu.org/en/reports/com.whatsapp/latest/

      This is an excellent example why Exodus is so misleading. All it does is check against a list of known libraries it deems to be trackers and if there's a match, it rings the alarm bells. If the "tracking" library is simply renamed or otherwise obfuscated, it doesn't go off. If it's a custom implementation, it stays silent. Tracking code can and does fall under the radar all the time, as clearly showcased here. If we trust this kind of "analysis" the Facebook app is the most innocent thing on earth.

      Then there's also the permissions page, that is also deceiving. What Exodus lists there are the low-level permissions an app can request, they are not automatically granted on their own.

      [deleted] what if you register with a throw away simcard in a burnerphone? Then whatsapp has no phone number related to you. I think grapheneos does not give apps permission to read device identifiers in general. With the imei i am bot sure. I guess it is impossible to hide it from the celltower but i don't knkw about apps.
      Is it not the case that in graphene, you have the option to not give the whole permission in terms of storage for example, instead you can give the permission "per file". I am sure that works with vlc media player. I have to register every file one by one when inwant that vlc is able to play it. I think this would be possible with whatsapp too. With contacts i have no opinion because i dont have any. But i knoe it is possible to chat with people on whatsapp without the need to have these contacts saved in contacts. The downside is you loose the chats easyer (at least in signal) and you have do go by the peoples profile photos because you do not see they'r names when you don't save them in contacts.
      So basicly in my opinion he is able to use whatsapp with when he denies contacts and only give per file storage permission. and if he is able to Tor everything or VPN everything (without root but by router) then whatsapp shoukd have no number, no ip, no mac, no imei
      BUT
      As whatsapp is closed source you don't know what it does. Its company is famous fir all the things privacy minded people hate.
      It is bot possible to have total controll of what your chat partners do. If they save you to contacts SOMEONE could ealisy find out EASY who you are by relationsship mapping of previous conversations and actuall ones. But this is kinda unlikely to happen if you are not targeted person. But you never no how the wod evolves in feature.
      So i would never say use whatsapp. But you could...
      The inly way i would use whatsapp would be a second grapheneos device at some friends house. It then should be automated to forward the messages via a secure application of choise. But i could not make a setup like this till now. It would be a fun project i guess. But i dont think there is a "good way" of doing this. The apps needed for this don't exist i guess. And i am a noob so i can not write them myself.

        • [deleted]

        houseoffreedom the easier way to explain why you cannot be private with WhatsApp is as follows. There is Google and Meta tracking implemented in most of the popular websites you visit, that will eventually fingerprint your device. Using Google Play Services on your device (which is proprietary) likely makes that tracking even easier. WhatsApp will identify you based on that, or in some way based on your internet connection. I read somewhere although I can't find the source right now, that any internet communication (even encrypted) can be tracked and reveals metadata when it passes through the nodes in the internet infrastructure. I truly do not want to speculate on that. I am content with the fact that WhatsApp knows who I am, because it lets me communicate with individuals I hold dear in a most convenient way, and I trust that it encrypts the contents of communications with them albeit not the metadata.