[messaging] WhatsApp & OWS team up
wasabee18 at gmail.com
Thu Nov 20 02:40:08 PST 2014
I meant more like 40 years... not 7/8 years :) ... if this why they don't
care about the data then they are really far-sighted and confident...
On Thu, Nov 20, 2014 at 10:29 AM, Wasa Bee <wasabee18 at gmail.com> wrote:
> I am confused: if whatsapp *really* does E2E encryption so even *they*
> cannot snoop on messages in bulk (i.e. at scale without doing it per-user)
> and therefore cannot mine the data, why did Facebook spend 19Billion $ for
> it? Is this a gift to the world? Are there at least metadata they can glean
> from it? Or is it just that having yet another app running on people's
> phone gives them more data to crunch throu?
> Whatsapp currently has 600M users  paying 1$/year, so within 7/8 years
> or less (since user base will likely grow) Facebook will have recovered as
> much as they've spent for the purchase. Is this why Facebook does not care
> about whatsapp data?
> On Wed, Nov 19, 2014 at 10:40 AM, Mike Hearn <mike at plan99.net> wrote:
>> I'm just curious: I'd not trust the communication via WhatsApp is secure
>>> because of its closed source, Android, Google Keyboard and everything else,
>>> but when you say WhatsApp E2E encryption is pretty close to intercept-proof
>>> for all governments but the US, how do you suggest they can intercept the
>>> messages? By choosing weak keys?
>> Force Facebook to do a key rotation on the target account with a MITM
>> controlled key. In practice that just means get a court order.
>> The question is not "can they intercept WhatsApp communications" as the
>> answer is clearly yes. It's "who can make them do it". The UK in particular
>> has been making noises lately about getting a lot more aggressive with
>> Silicon Valley tech companies and forcing them to basically give GCHQ
>> everything, all the time. Cameron is dumb enough he might actually try
>> this, whatever the costs. It boils down entirely to a question of politics
>> and commerce - how much leverage does a country have over Facebook?
>> Note that given everything was SSL protected before, and WhatsApp I
>> believe does not log messages so could not provide past messages anyway
>> (except perhaps if they were buffering up waiting to be delivered?) and
>> keys can be changed at any time or forward security disabled entirely for
>> certain user populations without them knowing .... then using the
>> TextSecure protocol inside SSL doesn't actually change much immediately. I
>> see it more as a useful next step, that can be built upon to achieve more
>> impactful change in future.
>> Messaging mailing list
>> Messaging at moderncrypto.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Messaging