Alternate to Whatsapp?

de0u

Watermelon What is meant by WhatsApp having "fake encryption"?

Watermelon

de0u What is meant by WhatsApp having "fake encryption"?

I wrote about it here:
https://discuss.grapheneos.org/d/29977-privacy-in-the-messenger/23

Blastoidea

lackofhumor

It is my understanding that having a rooted phone is a security risk.

lackofhumor

Blastoidea
Is is, that's why encrypting the local db is important especially if you rooted your smartphone

schweizer

Watermelon But anyway, the settings within Molly says for the option of disabling the PIN that you will “lose all data”. Notice the word “all”.

True. But you are confusing things. The user that takes over your account looses all your chats. But your friends do not loose anything. They still see their old chats with you which they can and will continue.
The same happenes with group memberships.

That WA has the same issue does not matter here because the topic is a WA alternative that does not require a phone number. Given that, Signal is not the answer.

Watermelon

schweizer But your friends do not loose anything. They still see their old chats with you which they can and will continue.
The same happenes with group memberships.

Have you actually tried that or seen evidence of that? How do you know what they see? You keep saying that's what they see.

Byku

Watermelon

their servers can request your WhatsApp app to reencrypt in-transit messages to a new encryption key without your permission or expectation

Wait, what? You don't know who ends up decrypting your message? Is that what you mean? This world be a fatal flaw.

de0u

Watermelon If having a web app that can read E2EE content is "fake encryption"... doesn't Proton have one?

If being able to mine user social graphs means encrypted content is using "fake encryption"... can't Signal do that?

By no means am I claiming WhatsApp is equivalent to either of those (or to anything else). But personally I'm not sure how much sense it makes to have a binary divide between "fake encryption" and, I guess, real encryption, and to assign WhatsApp to the "fake encryption" bin.

lackofhumor

Watermelon

If you lose control of your account/data, if doesn't affect the account/data of your contacts.

This is why your contacts will continue to see the chats ongoing as if nothing happened, and they will be able to continue to write *n the old chatroom.

That is, unless you activated disappearing messages, in that case messages will disappear after the timer ¯_(ツ)_/¯

Watermelon

de0u How is that known?

Their privacy policy.

de0u The claim was "WhatsApp has trash privacy and fake encryption" (Watermelon). No matter how long a list of privacy issues is posted, that doesn't add up to an encryption problem.

Of course it is. The thing you quoted this as a response to is not the list of issues with WhatsApp that undermine its encryption, it was me expanding upon the specific one issue I mentioned that WhatsApp collects a lot of metadata which also reveals a lot about you.

If you lock the door, but leave the key under the rug, is it really locked? No.

de0u So far I think only one encryption issue was mentioned (the problem with web-based access to keys).

Metadata collection, inability to lock keys, by default the hiding of key change warnings, availability of unencrypted backups, automatically re-encrypting to a different key than you sent to, and everything else I wrote all undermine the encryption in WhatsApp. It's in no way truly encrypted.

de0u Since Proton also has a web client, if a web client makes WhatsApp's encryption "fake" then Proton's encryption is also "fake"

This is partially true, as I already answered the previous time you brought up Proton. This doesn't refute what I said.

de0u Is the claim that WhatsApp's encryption and Proton's encryption are "fake", or is there some additional problem with WhatsApp's encryption?

Proton is off-topic for this thread. I already answered about Proton the previous time you brought it up. I don't see how an email service's faults are related to the discussion here.

de0u is there some additional problem with WhatsApp's encryption?

WhatsApp is explicitly anti-privacy, deceptive, and not at the same level as Proton even if they partially share some issues. I don't see how Proton is relevant to the discussion.

schweizer You are just claiming false things over and over.

Can you be more specific please? Say which of my “claims” are false and I repeat them. Leaving it unspecified makes me see this as an ad hominem attack rather than a relevant response.

schweizer So again: Registering Signal with a fake number creates a giant security hole. You pay a high price for anonymity. Signal is a service that needs your true number in order to work properly.

How is this relevant? We were talking about someone using the same phone number as you/a contact (e.g. stealing their SIM card) and their ability to impersonate you/them to others. I never said it was a good idea to use a temporary phone number to register to Signal, that's an awful idea.

schweizer I do use Signal and I do get those security key warnings from time to time both for one to one chats and group chats. I do not have duplicate contacts in Signal.

And you think I don't use Signal? Key change warnings happen when the key is recreated, which doesn't necessarily overlap with failing to recover profile/account data with a correct Signal PIN. I'm distinguishing between the two things because they're separate, which you seem to miss.

Watermelon Have you actually tried that or seen evidence of that? How do you know what they see? You keep saying that's what they see.

@schweizer How about you actually answer my question? Have you tried reregistering to Signal without a correct PIN, and seen what it looks like for your contacts?

Watermelon

Byku You don't know who ends up decrypting your message? Is that what you mean?

Yes. “In-transit” means any message you sent but not yet have a delivery confirmation (two checkmarks). If your contact's encryption key changes, the WhatsApp server will tell your WhatsApp app to re-encrypt these messages to the new key provided by the server, and the app will happily comply with no way to disable this. In general, there's no way to lock the encryption key of your contact either, so scanning the QR code of your contact is completely useless, and WhatsApp hides by default the warnings about key changes.

The Signal servers can tell your app that the contact has a new key, but it won't affect already sent messages, so you can choose whether to keep writing to them after you see the key change warning. And you can lock the current encryption key (“mark as verified”), so if this ever happens, your app will ask for your explicit confirmation before sending messages to the new key, so you can't be surprised if it happens just a micro-second before you press the send button, and you won't receive the messages from the new key because they might be written by an impostor.

Watermelon

lackofhumor If you lose control of your account/data, if doesn't affect the account/data of your contacts.

This is why your contacts will continue to see the chats ongoing as if nothing happened

There is a logical fault here. I'm aware they'll keep the chat, but it doesn't mean that the chat with the re-registered account would appear inside the same conversion, or that Signal doesn't present a much more scary warning than the security key change warning.

Watermelon

de0u If having a web app that can read E2EE content is "fake encryption"... doesn't Proton have one?

It's not the only fault of WhatsApp, but the answer is yes, Proton from the web browser doesn't have end-to-end encryption. They say it themselves as far as I'm aware.

de0u If being able to mine user social graphs means encrypted content is using "fake encryption"... can't Signal do that?

Signal doesn't do it, and doesn't have the wide reach that WhatsApp has, and doesn't collect info about you from other services that they operate like Facebook/Instagram, and doesn't create shadow profiles for unregistered users via embedded Like buttons in websites, etc…

de0u

de0u If being able to mine user social graphs means encrypted content is using "fake encryption"... can't Signal do that?

Watermelon Signal doesn't do it [...]

How is that known? They know which account sends every message, to which account, right?

Watermelon [Signal] doesn't have the wide reach that WhatsApp has, and doesn't collect info about you from other services that they operate like Facebook/Instagram, and doesn't create shadow profiles for unregistered users via embedded Like buttons in websites, etc…

The claim was "WhatsApp has trash privacy and fake encryption" (Watermelon). No matter how long a list of privacy issues is posted, that doesn't add up to an encryption problem. So far I think only one encryption issue was mentioned (the problem with web-based access to keys). Since Proton also has a web client, if a web client makes WhatsApp's encryption "fake" then Proton's encryption is also "fake", or perhaps neither one is.

Is the claim that WhatsApp's encryption and Proton's encryption are "fake", or is there some additional problem with WhatsApp's encryption?

schweizer

Watermelon There is a logical fault here. I'm aware they'll keep the chat, but it doesn't mean that the chat with the re-registered account would appear inside the same conversion, or that Signal doesn't present a much more scary warning than the security key change warning.

You are just claiming false things over and over. I do use Signal and I do get those security key warnings from time to time both for one to one chats and group chats. I do not have duplicate contacts in Signal. This is actually a nuisance in Threema. There is no way in Signal to tell if the person is the same when Signal is re-registered.

So again: Registering Signal with a fake number creates a giant security hole. You pay a high price for anonymity. Signal is a service that needs your true number in order to work properly.

Byku

Watermelon That is informative and good to know. Thanks for the explanation.

Jyla

Hi there,

I didn't read all the topic but you could look for Olvid.

No SIM card required. Wifi is all you need.
Since Olvid needs no phone number to work, you can use any of your devices. And they'll stay in sync.

It seems to match your criteria.

There is one potential drawback: you need to subscribe to a service in order to make audio and video calls. Look at thier pricing page for full comparaison.

I heard that the French government uses it alongside Signal. To be verified.

spring-onion

Jyla I suggest you read our post here about Olvid: https://grapheneos.social/@GrapheneOS/115615958916904657

manksudons89231

I am using GrapheneOS with Molly (Signal), while the other person is using the official Signal app on Android.

Signal/Molly has an option called “Screen security: Block screenshots in the recents list and inside the app.” When enabled, it blocks screenshots inside the app on my device, which is fine in principle. However, this raises several concerns and questions.

Issue 1: One-sided screenshot blocking
The screenshot-blocking option appears to apply only to the local device, not to both parties in a conversation. In a two-party communication app like Signal/Molly, the other person can still freely take screenshots, while I cannot.

This feels inconsistent and unfair. In single-device apps like banking apps, screenshot blocking makes sense because sensitive data exists only on that device. But Signal/Molly is a two-way communication app. If only one side is affected, what is the real purpose of this option in Signal/Molly’s settings?

Issue 2: Screen Lock automatically enables Screen Security
There is another setting just above it called “Screen Lock: Lock app with fingerprint or face recognition.” This is a useful feature. However, enabling Screen Lock automatically enables Screen Security as well, meaning screenshots are blocked even if I only wanted biometric locking.

So in practice:

If I enable Screen Lock → screenshots are blocked.
If I enable Screen Security → screenshots are blocked.
Meanwhile, the other party can still take screenshots without restriction.

What I’m trying to understand
I understand this is not a GrapheneOS-specific issue, but I want to understand why this exists and what problem it is meant to solve. This is especially important for GrapheneOS newcomers like me who are evaluating WhatsApp alternatives and trying to understand the security model.

As I understand it now, screenshot blocking is an individual client-side feature, similar to what banking apps use. If that’s the case, I would like clarification in plain terms:

How is screenshot blocking useful in a two-way communication app like Signal?
Is this feature mainly meant to protect against someone who has physical access to my phone?
If it does not protect the conversation as a whole, what threat model is it addressing?

From my perspective, this feels somewhat unnatural, because GrapheneOS already provides strong system-level protections. So what additional value does a per-app screenshot-blocking option provide when it only affects my own device?

So my final questions are:

Does this behavior belong to Molly or Signal?
Where is the correct place to report or discuss this: Molly, Signal, or elsewhere?

I would appreciate a clear explanation of the design rationale behind this feature.

Watermelon

manksudons89231 Screenshot blocking isn't a security feature to enforce on other people, that's impossible. Anyone who wants to take a screenshot of their phone can always do it, for example using another phone to take a picture. It's meant to prevent you from accidentally saving a screenshot of a sensitive conversation and adding it to your Gallery app. Signal/Molly is using screenshot blocking properly by making it a feature meant to help you and not showing screenshot alerts within the chat as if they can always detect when a screenshot is taken. Apps that do this (e.g. Snapchat comes to mind) are doing security theater that gives you a false sense of security.

manksudons89231

spring-onion I suggest you read our post here about Olvid: https://grapheneos.social/@GrapheneOS/115615958916904657

How this useful to the problem i stated earlier?

Jyla

spring-onion thanks. If I understand correctly, it is mainly a question of trust in the French government and possible future obligations due to ChatControl, for example.

otterfoghornrainfall

manksudons89231 You are not who they were replying to.

« Previous Page Next Page »