Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
throwaway290 6 hours ago

> nobody should believe for a second that WhatsApp or FB messages are truly E2EE

That's interesting. You think all firms that audited WhatsApp and Signal protocol used by WhatsApp and all programmers who worked there for decades and can see a lie and leak if it was true are all crooks? valid opinion I guess, but I won't call it "no one should believe for a second

(curious you didn't mention Telegram, it is actually marketed as secure and e2e and it has completely gimped "secret chats" that are off by default and used by like almost nobody.)

max-privatevoid 6 minutes ago | parent | next [-]

I'll believe it when it's FOSS

giancarlostoro 6 hours ago | parent | prev [-]

I forget if its WhatsApp that technically lets you sync chats in unencrypted form to iCloud which is the “loophole” around this, though you can lockdown your iCloud even tighter, not sure it Apple can do much if you fully lock down your iCloud, not sure if this has been legally tested? Its not a very advertised feature its just a setting.

oarsinsync 6 hours ago | parent | next [-]

WhatsApp iPhone syncs to iCloud unencrypted by default[1].

iMessage also syncs to iCloud unencrypted by default[2].

[1] Depends on you paying for iCloud storage, so that you have space for a full phone backup to occur.

[2] Might be "free" with "iMessage in iCloud", an option to enable separately.

throwaway290 5 hours ago | parent [-]

> WhatsApp iPhone syncs to iCloud unencrypted by default[1].

Not true. You must choose to enable it or not when you set up new phone. On mine it does not back up

monooso 4 hours ago | parent [-]

If you must "choose to enable" encryption, that implies it's off by default. If so, GP's statement is accurate.

simsla 4 hours ago | parent | next [-]

Choose to enable backups.

throwaway290 2 hours ago | parent | prev [-]

No, I mean you must select yes or no. can't use WhatsApp until you make a choice yourself.

gzread 6 hours ago | parent | prev | next [-]

The Android version syncs all your chat logs to Google Drive without encryption by default. That's the backdoor.

throwaway290 6 hours ago | parent | prev [-]

Right now it got a switch to enable e2e for backups, but yeah I think default backup is probably a workaround...