junction we're in the same position. It amazes me how everyone can be so keen to transition to one service from SMS but then become so obstinately averse to then moving to something better because it is inconvenient.
I suppose it comes down to the fact that WhatsApp was the cheaper/media rich alternative offering something above SMS, it is also the reason I can imagine why Signal play around in the payments space as to move people en masse they have to have a significant enough differentiator too and why things like Session, Briar et all will also struggle to be more relevant outside their niche.

  • [deleted]

Thanks guys for your assessment on the subject.
I also find it extremely unfortunate that so many people still use WhatsApp, but that seems to be the general peer pressure.

    • [deleted]

    • Edited

    Using Whatsapp is not ideal, but it still offers very strong encryption and is far better than SMS or Telegram. I think for most people outside the US the privacy benefits of ditching it completely is not worth the social isolation that it would bring in many cases. I would love to be able to use Signal for everything but there are far worse platforms to be locked into

    7 days later
    10 months later

    And would any of you WhatsApp users allow it to be installed in a profile that handles other critical data?

    Does it require GSF to run?

      Toomanyuserprofiles Form the time when I used WA (I ditched it four years ago), I remember that the app didn't require Google Services back then because I ran it on a LineageOS phone without Google Services installed.

      I'm trying to device if I trust it enough to be used in my daily driver profile.

      I picture it hoovering up contents of my encrypted connections and so on.

      If it is as most people say, and can at most read which other apps are installed it should be fine. But I feel naked at the thought of it knowing my logins and emails for each app in use.

        • [deleted]

        Toomanyuserprofiles I have been using it for the lack of better alternative and unwillingness of my loved ones since I installed GrapheneOS. Without major problems. If you don't use Play Services, with unrestricted battery it gives reliable notifications. I found out that when I experimented with installing/uninstalling Play Services with Whatsapp already installed, it breaks notifications so had to reinstall a few times. Never pursued the area of backing it up, always fresh install. It is a solid messenger and if it puts your mind at ease, LibChecker says it contains no google libraries so IPC with Google apps/apps containing google libraries is unlikely. That is on device side and it doesn't mean it will not collect certain data for the purpose of server-side analytics (possibly Google linked). This not an expert opinion of course. I am looking for a better alternative and any recommendations with reasoning are welcome.

          The main concerns are from granting it permissions to access your data.

          As i understand it (having never used it) the biggest problem is that it can be hard to use without granting it permission to access your contacts. This is a valid concern. Unfortunately everyone you know who uses WhatsApp has likely already shared all their contacts. Combining that with other data they have got from elsewhere lets WhatsApp / Facebook construct a large part of most peoples social graph.

          Still, I think best to avoid feeding them more data if at all possible. The upcoming GrapheneOS Contact Spaces feature will provide a neat way to control what contact data WhatsApp can access.

          Another options you can use now is using WhatsApp in a different user profile. Maybe even worth considering using a work profile via Shelter or Insular if user profiles dont work well for you.

          Imagine you can share files and images form Gallery and Files or other apps into WhatsApp so you dont need to grant Whatsapp any files / media permission. Also Graphenes Storage Scopes lets you work around those permissions and control the stuff it can access.

          [deleted] LibChecker says it contains no google libraries so IPC with Google apps/apps containing google libraries is unlikely.

          This LibChecker result is interesting because there is Google Analytics inside.

          com.google.android.apps.analytics
          com.google.android.gms.analytics
          com.google.analytics
            • [deleted]

            • Edited

            Hat thank you, you made me look at it again. And there I see it, not a library but a service.

            com.google.android.gms.analytics.AnalyticsJobService
            com.google.android.gms.analytics.AnalyticsService
            com.google.android.gms.auth.api.signin.RevocationBoundService
            com.google.firebase.components.ComponentDiscoveryService
            com.google.firebase.messaging.FirebaseMessagingService
            -> Analytucs, sign-in, Firebase and FCM

            Thank you for bringing that up.

            But when I tested the network activity of WhatsApp some weeks ago with PCAPDroid all it was showing was connecting to WhatsApp servers once every 30 seconds presumably providing notification service. That is without sandboxed Play Services installed.

            • Hat likes this.

            [deleted] can I use work profile apps like shelter in secondary profiles or only my main user profile? I only use my main owner profile for downloading updates, and all apps are disables in it.

            [deleted] Typically, you are on Gos because you value your privacy. If you value your privacy you should be avoiding data invasive apps and services, such as WhatsApp, Facebook, Google and the likes. You won't stay afloat for long while balancing on two boats at the same time. Choose your boat wisely.

            • [deleted]

            [deleted] Everyone has WhatsApp, messages are encrypted and it's easy to use.

              Some recent updates to WhatsApp have included features such as disappearing messages, the ability to join group calls after they have started, and the ability to mute videos before sharing them. These updates are generally released to both the Android and iOS versions of the app.

                • [deleted]

                [deleted] There are people who still don't use it and it may be because they either live under the rock and don't know about it and some choose not to use it because of its privacy implications. Yes, messages and calls may be E2EE but their metadata isn't. And it is usually the metadata (data about data) that links your activity and communication with the rest of the world and can be/is leveraged by law enforcement or other third parties (ads, analytics, profiling). Is it easy to use? No one denies that. But you (same as I) could do yourself some good by finding a more privacy oriented alternative. It doesn't make it good just because everyone around you uses it without giving it a moment's thought.

                  • [deleted]

                  • Edited

                  revan08 I am asking myself what exactly is a disappearing message? Has the message been truly completely removed so that no one can prove its existence, or has it been given a "hidden status" and continues being linked to rest of my identity? I am afraid that unless I see a palpable proof I will continue having my doubts about it.

                    • [deleted]

                    [deleted] What will they analyze if all messages are encrypted? The time I send the message? For me my privacy is respected with WhatsApp.