Remix.run Logo
pentagrama 7 months ago

You're absolutely right. End-to-end encryption protects message content, but WhatsApp still collects metadata, which is incredibly valuable.

Even though they can't read your messages, they know who you talk to, how often, when, and for how long. They also track your device info, IP address (which can reveal your location), network details, and app usage patterns.

And this data isn’t just sitting there—Meta uses it. For example, if you chat with a business on WhatsApp, you might start seeing ads for that business on Instagram or Facebook. They don’t need to read your messages when they can infer so much just from how you use the app.

Disclaimer: Comment translated from Spanish and corrected by Chat GPT.

ItsBob 7 months ago | parent [-]

> Even though they can't read your messages

I've long wondered if this is actually true.

If I have a closed-source app and claim (and can verify!) E2EE, surely I could still read every message from my closed-source app, within the app itself, and you'd never know.

I've never been a mobile app developer but I've been a desktop and web developer since the 90s so I don't know what apps can and cannot see but in a desktop app or web app, if it's on the screen, it's decrypted and I can put code in to read/steal it.

Am I missing something here?

floralhangnail 7 months ago | parent | next [-]

At about 2:33:15 here, Zuckerberg somewhat alludes that Meta can take screenshots of WhatsApp messages.

https://youtu.be/7k1ehaE0bdU?t=9189

ItsBob 7 months ago | parent | next [-]

Does it even need to be screenshots?

Surely when I open up a chat in Whatsapp it would be as easy as doing a foreach on every msgElement.text value on screen and copying it to the mothership in plain text. After all, when I am reading them, they're decrypted.

Or, when I send a message, as soon as I press the "Send" button, send a copy to the mothership.

Perhaps I'm not seeing it right but it must be this simple. Right?

At least with an open source app you can inspect the "Send" code and see if it calls "SendToMothership" when it also calls "SendToRecipient".

nothrabannosir 7 months ago | parent | prev [-]

What I got from your comment and from that interview were very different. He starts that bit with “when I text you on WhatsApp”. The “we” refers to Mark and Joe (Alice and Bob), not Meta (Eve).

robertlagrant 7 months ago | parent | prev [-]

It's true in a sense - using an iPhone or an Android phone Apple/Google could be streaming your screen contents constantly, so even e2ee wouldn't help.

I just don't know if that is actually true, or if meta doing e2ee and then pinging your messages around from the app after they're delivered is true. I've no reason to believe either is.