Privacy

31975 readers

232 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

Is WhatsApp bad for privacy? (lemm.ee)

submitted 1 year ago by [email protected] to c/[email protected]

72 comments fedilink hide all child comments

And if so, why exactly? It says it's end-to-end encrypted. The metadata isn't. But what is metadata and is it bad that it's not? Are there any other problematic things?

I think I have a few answers for these questions, but I was wondering if anyone else has good answers/explanations/links to share where I can inform myself more.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 11 points 1 year ago* (last edited 1 year ago) (4 children)

It says it's end-to-end encrypted. The metadata isn't. But what is metadata and is it bad that it's not?

It's not just that. Their app can easily have tracking components that look for the list of installed apps, how often you charge your phone, how often are you on a WiFi network, etc.

Also, the app and any tracking component it has can also freely communicate on the wifi network. That doesn't only mean the internet, but the local, home network too, where they can find out (by MAC address, opened ports and response of the corresponding programs) what kind of devices you have, when do you have them powered on, what software you use on it (like do you use any bittorrent client? syncthing? kde connect? lots of other examples?), and if let's say your smart tv publishes your private info on the network, it does not matter that you have blocked LG (just an example) domains in your local dns server, because facebook's apps can just relay it through your phone and then their own servers.

If the app's code has been obfuscated, exodus privacy and others won't be able to detect the tracking components in it.

[–] [email protected] 3 points 1 year ago (3 children)

Are others different, like Signal and how do I know?

As a normal user I install both in exactly the same way, I have no way to verify that the code of the apk on the play store is exactly the same as the code published by Signal as open-source. How could I trust Signal more?

[–] [email protected] 3 points 1 year ago

You can only know if you choose to read the code and compile from source. You can trust, in that your read the code and just install the app, or let others read the code for you. If reputable sources tell you it's good, most of the time it's good. How can you trust Signal more? Well you... shouldn't. You could try to use a decompilation tool, don't know if that works on Android's apps though.

load more comments (2 replies)