Israeli espionage firm hacks WhatsApp. Can install spyware with missed call.
My advice: dump WhatsApp today and start using Wire (https://wire.com/en/products/personal-secure-messenger/). Tell your friends and family to do the same. (It’s a simple, free download on all app stores. Easy to use, doesn’t require your phone number, and their business model is based on charging for commercial use and for pro accounts.)
You can find more alternatives on @firstname.lastname@example.org (https://switching.social/ethical-alternatives-to-whatsapp-and-skype/)
@aral What about Matrix? Or good, old fashioned XMPP? (via Xabber / Pidgin)
@GothFvck xmpp does not work for modern use cases. Not because of the protocol but because of the many many ways it can break.
@DC7IA @email@example.com Can you give me a few links to those comments. I’d like to see what the actual arguments are.
If you don't mind risking some smugness, you can ask them for permission to install a recording device in their house. "I promise not to do anything bad with it, I just have my reasons."
Typically people are fine with privacy invasion because there's no face attached and they can't foresee consequences. Remove one and or both and people start to piece the problem together.
@gaperst @aral @switchingsocial Such people need to understand that it could have bad personal consequences in the future especially when multiple datasets from different sources are combined & that it's a danger to democracy if so many people use one centralized, proprietary messenger. Both points have nothing to do with being a minister, activist or just an ordinary person.
@grin @aral @DC7IA I wouldn't say Wire's security is on par with Signal's. People can sign up to Wire without giving away their phone number, that's true, but Signal has some really clever security and privacy features that Wire currently lacks. Here are 3 of them:
Private contact discovery
@tobiaalberti @aral @DC7IA I stand corrected, it is not on par with Signal in the general sense; however its security regarding e2ee is the same, it is completely anonymous in contrast to signal, and can use self-hosted server. (I'm not sure what's the current status of Signal group size and usability, and some long-standing unfixed bugs. Same for wire.)
@tobiaalberti @aral @DC7IA I cannot recall any part of #Telegram (including #MTProto) which did not get some pretty worrying review… Unless it's been changed radically it is not much more secure than #hangouts in the general case (when you don't select manually secure one-to-one chat, which is only as secure as mtproto, which is believed to be not very much).
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!