• helenslunch
    link
    fedilink
    English
    arrow-up
    27
    ·
    edit-2
    2 months ago

    WhatsApp uses the open-source Signal protocol

    Why are people always saying this when we have absolutely no way to verify that that’s true?

    • smeg@feddit.uk
      link
      fedilink
      English
      arrow-up
      22
      ·
      2 months ago

      Because they say they do and nobody’s yet proven that they don’t. But your point is of course valid: closed source security is nothing more than trust me bro.

      • sic_1@feddit.de
        link
        fedilink
        English
        arrow-up
        3
        ·
        2 months ago

        Apart from that I don’t get why they make that argument. If that sounds good to you, use Signal.

        • smeg@feddit.uk
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 months ago

          WhatsApp’s main resource is that they grabbed more than a billion users before Facebook took over. Saying “look how secure we are” makes the casual user think there’s no need to change.

    • Dark Arc@social.packetloss.gg
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      2 months ago

      It should be provable they use the protocol. That’s what goes over the wire and it can be observed.

      What’s not provable is that there isn’t a backdoor in the app that allows specific users to be targeted.

      Similarly, it’s not provable that there isn’t some client side scanning technology.

      Furthermore, it would be difficult to prove that Whatsapp doesn’t send some data back to Meta for all users masked as part of some other network operation.

      I suspect any backdoor that happens for all users or regularly would’ve been detected, but that still doesn’t mean it’s safe.