Why I told my friends to stop using WhatsApp and Telegram

Why I told my friends to stop using WhatsApp and Telegram

Why I told my friends to stop using WhatsApp and Telegram

This morning I told my friends to stop using WhatsApp and Telegram and sent them an invitation to switch to the Signal messaging app.

You may not realize it, but you’re most likely already using the Signal Protocol — along with more than one billion people every day.

The Signal Protocol is used by WhatsApp, Facebook Messenger, Google Allo and Signal’s own messaging app.

But what is the Signal Protocol?

The Signal Protocol is a non-federated cryptographic protocol that provides end-to-end encryption for instant messaging conversations. — Wikipedia

End-to-end encryption ensures that your message is turned into a secret message by its original sender, then only decoded by its final recipient.

That’s what WhatsApp embarked to use a few months ago when they displayed this message in your conversation:

The Signal Protocol was built by Open Whisper System, a nonprofit group that was founded in two thousand thirteen by former Twitter head of security Moxie Marlinspike. Back in two thousand eleven the 140-character messaging platform acquired Marlinspike very first secure messaging company Whisper System.

Open Whisper System concentrates on the development of the Signal Protocol and also maintains a messaging application called Signal. The nonprofit is funded through a combination of donations and grants.

In October 2016, the Signal protocol was reviewed by an international team of security researchers and got glowing reviews.

Reading the above, you might think you are fine since WhatsApp, Facebook Messenger, and Google Allo also use the Signal Protocol.

Facebook Messenger and Google Allo don’t enable end-to-end encryption by default. Facebook Messenger users have to enable “Secret Conversations” and Google Allo users have to enable Incognito Mode.

Telegram, the 100-million-user app made by social network VK’s founder Pavel Durov, uses its own encryption protocol: MTProto. Telegram was the subject to a lot of controversies over its encryption protocol. Then in 2015, a security researcher published a research paper detailing theoretical weaknesses* in MTProto and concluded that Telegram shouldn’t have attempted to roll their own encryption.

So this leaves us with WhatsApp and Signal — the only two applications to use the Signal Protocol by default for all messages sent*.

You may be asking — why not stick with WhatsApp then?

The reason lies in WhatsApp’s collection of metadata.

Data collection and metadata

Metadata and data collection have often been at the center of debates, with parties often claiming some statements along the line of:

We can’t listen/read the content of your communication because we use end-to-end encryption, we can only collect metadata.

Metadata has often been a blurry term. For your convenience, below is a clarified definition of metadata:

If you’re still unclear about what metadata is, read the post from EFF by Kurt Opsahl. He gives examples of what companies or governments know when they collect metadata:

They know you rang a phone hookup service at Two:24 am and spoke for eighteen minutes. But they don’t know what you talked about. They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains a secret. They know you spoke with an HIV testing service, then your doctor, then your health insurance company in the same hour. But they don’t know what was discussed.

Now that you know what metadata is, let me reiterate: using end-to-end encryption does not prevent messaging services from collecting metadata.

Let’s see what these guys are collecting:

WhatsApp

WhatsApp’s FAQ states that its app has access to all the phone numbers in your address book, and that it collects a myriad of information about you.

What’s interesting is that WhatsApp doesn’t store your messages on its servers. Instead, your messages are stored on your phone — then ultimately on the servers where you back up your phone. For example, if you use an iPhone, all your WhatsApp messages are stored in iCloud, if you use it as a backup.

As for the information WhatsApp collects about when, where, and with whom you communicate, it’s a lot more vague. Here’s what they say:

Usage and Log Information. We collect service-related, diagnostic, and spectacle information. This includes information about your activity (such as how you use our Services, how you interact with others using our Services, and the like), log files, and diagnostic, crash, website, and spectacle logs and reports.

WhatsApp also collects device-specific information when you install, access, or use their service — such as the model of your phone, its operating system, and information from your browser, IP address, and mobile network — including your phone number.

And if they can’t collect that information through your phone, they’ll obtain it when people message you, since WhatsApp also has access to your friends’ activity data.

Besides the unencrypted backups, other concerns were outlined by the Electronic Frontier Foundation over key switch notification, WhatsApp’s web app, and its sharing of data with Facebook, who acquired WhatsApp in 2014.

Speaking of Facebook…

Facebook Messenger

MIT Technology Review wrote:

Facebook is collecting the most extensive data set ever assembled on human social behavior.

I don’t need to break down what data Facebook collects. Facebook is your friend, so they made it very plain for you to understand just how close of a friend they are:

Google Allo

Google Allo has been widely criticized by security experts.

Not only can Google actually read every message you say, they will store all conversations.

It is that ordinary.

Here’s Edward Snowden’s tongue-in-cheek advertisement for Allo:

Telegram

Telegram is a tricky one since as I mentioned its encryption protocol shows some flaws from an theoretical perspective.* But let’s set that aside and look at what they collect from you.

Messages, photos, movies, and documents are encrypted and stored on Telegram’s servers (except for the Secret Talk messages, which aren’t stored on Telegram’s servers). Like WhatsApp and Facebook, Telegram accesses and stores your contact list on its server. This is how they’re are able to send you a notification when someone fresh from you contact list joins Telegram. Nice of them, right?

Signal

The only data Signal retains is the phone number you register with and when you last logged into their server.

It doesn’t even record the hour, minute, or 2nd — only the day.

If you’re feeling mischievous, Signal even has disappearing messages.

And Signal is free. Truly free. Meaning that they aren’t attempting to turn your eyeballs into a product for advertisers like Facebook or Google want to do with their messaging apps. You can donate to Signal here.

By the way, Signal code is free and open-source, available on GitHub for you to check.

A few weeks ago, The Guardian reported on a so-called WhatsApp “backdoor.”medium.freecodecamp.com

Why should you care about your privacy?

You might be tempted to say something like:

Who cares? I have nothing to hide.

If you don’t think privacy is all that significant:

Why I told my friends to stop using WhatsApp and Telegram

Why I told my friends to stop using WhatsApp and Telegram

This morning I told my friends to stop using WhatsApp and Telegram and sent them an invitation to switch to the Signal messaging app.

You may not realize it, but you’re most likely already using the Signal Protocol — along with more than one billion people every day.

The Signal Protocol is used by WhatsApp, Facebook Messenger, Google Allo and Signal’s own messaging app.

But what is the Signal Protocol?

The Signal Protocol is a non-federated cryptographic protocol that provides end-to-end encryption for instant messaging conversations. — Wikipedia

End-to-end encryption ensures that your message is turned into a secret message by its original sender, then only decoded by its final recipient.

That’s what WhatsApp embarked to use a few months ago when they displayed this message in your conversation:

The Signal Protocol was built by Open Whisper System, a nonprofit group that was founded in two thousand thirteen by former Twitter head of security Moxie Marlinspike. Back in two thousand eleven the 140-character messaging platform acquired Marlinspike very first secure messaging company Whisper System.

Open Whisper System concentrates on the development of the Signal Protocol and also maintains a messaging application called Signal. The nonprofit is funded through a combination of donations and grants.

In October 2016, the Signal protocol was reviewed by an international team of security researchers and got glowing reviews.

Reading the above, you might think you are fine since WhatsApp, Facebook Messenger, and Google Allo also use the Signal Protocol.

Facebook Messenger and Google Allo don’t enable end-to-end encryption by default. Facebook Messenger users have to enable “Secret Conversations” and Google Allo users have to enable Incognito Mode.

Telegram, the 100-million-user app made by social network VK’s founder Pavel Durov, uses its own encryption protocol: MTProto. Telegram was the subject to a lot of controversies over its encryption protocol. Then in 2015, a security researcher published a research paper detailing theoretical weaknesses* in MTProto and concluded that Telegram shouldn’t have attempted to roll their own encryption.

So this leaves us with WhatsApp and Signal — the only two applications to use the Signal Protocol by default for all messages sent*.

You may be asking — why not stick with WhatsApp then?

The reason lies in WhatsApp’s collection of metadata.

Data collection and metadata

Metadata and data collection have often been at the center of debates, with parties often claiming some statements along the line of:

We can’t listen/read the content of your communication because we use end-to-end encryption, we can only collect metadata.

Metadata has often been a blurry term. For your convenience, below is a clarified definition of metadata:

If you’re still unclear about what metadata is, read the post from EFF by Kurt Opsahl. He gives examples of what companies or governments know when they collect metadata:

They know you rang a phone hook-up service at Two:24 am and spoke for eighteen minutes. But they don’t know what you talked about. They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains a secret. They know you spoke with an HIV testing service, then your doctor, then your health insurance company in the same hour. But they don’t know what was discussed.

Now that you know what metadata is, let me reiterate: using end-to-end encryption does not prevent messaging services from collecting metadata.

Let’s see what these guys are collecting:

WhatsApp

WhatsApp’s FAQ states that its app has access to all the phone numbers in your address book, and that it collects a myriad of information about you.

What’s interesting is that WhatsApp doesn’t store your messages on its servers. Instead, your messages are stored on your phone — then ultimately on the servers where you back up your phone. For example, if you use an iPhone, all your WhatsApp messages are stored in iCloud, if you use it as a backup.

As for the information WhatsApp collects about when, where, and with whom you communicate, it’s a lot more vague. Here’s what they say:

Usage and Log Information. We collect service-related, diagnostic, and spectacle information. This includes information about your activity (such as how you use our Services, how you interact with others using our Services, and the like), log files, and diagnostic, crash, website, and spectacle logs and reports.

WhatsApp also collects device-specific information when you install, access, or use their service — such as the model of your phone, its operating system, and information from your browser, IP address, and mobile network — including your phone number.

And if they can’t collect that information through your phone, they’ll obtain it when people message you, since WhatsApp also has access to your friends’ activity data.

Besides the unencrypted backups, other concerns were outlined by the Electronic Frontier Foundation over key switch notification, WhatsApp’s web app, and its sharing of data with Facebook, who acquired WhatsApp in 2014.

Speaking of Facebook…

Facebook Messenger

MIT Technology Review wrote:

Facebook is collecting the most extensive data set ever assembled on human social behavior.

I don’t need to break down what data Facebook collects. Facebook is your friend, so they made it very ordinary for you to understand just how close of a friend they are:

Google Allo

Google Allo has been widely criticized by security experts.

Not only can Google actually read every message you say, they will store all conversations.

It is that elementary.

Here’s Edward Snowden’s tongue-in-cheek advertisement for Allo:

Telegram

Telegram is a tricky one since as I mentioned its encryption protocol shows some flaws from an theoretical perspective.* But let’s set that aside and look at what they collect from you.

Messages, photos, movies, and documents are encrypted and stored on Telegram’s servers (except for the Secret Talk messages, which aren’t stored on Telegram’s servers). Like WhatsApp and Facebook, Telegram accesses and stores your contact list on its server. This is how they’re are able to send you a notification when someone fresh from you contact list joins Telegram. Nice of them, right?

Signal

The only data Signal retains is the phone number you register with and when you last logged into their server.

It doesn’t even record the hour, minute, or 2nd — only the day.

If you’re feeling mischievous, Signal even has disappearing messages.

And Signal is free. Indeed free. Meaning that they aren’t attempting to turn your eyeballs into a product for advertisers like Facebook or Google want to do with their messaging apps. You can donate to Signal here.

By the way, Signal code is free and open-source, available on GitHub for you to check.

A few weeks ago, The Guardian reported on a so-called WhatsApp “backdoor.”medium.freecodecamp.com

Why should you care about your privacy?

You might be tempted to say something like:

Who cares? I have nothing to hide.

If you don’t think privacy is all that significant:

Why I told my friends to stop using WhatsApp and Telegram

Why I told my friends to stop using WhatsApp and Telegram

This morning I told my friends to stop using WhatsApp and Telegram and sent them an invitation to switch to the Signal messaging app.

You may not realize it, but you’re most likely already using the Signal Protocol — along with more than one billion people every day.

The Signal Protocol is used by WhatsApp, Facebook Messenger, Google Allo and Signal’s own messaging app.

But what is the Signal Protocol?

The Signal Protocol is a non-federated cryptographic protocol that provides end-to-end encryption for instant messaging conversations. — Wikipedia

End-to-end encryption ensures that your message is turned into a secret message by its original sender, then only decoded by its final recipient.

That’s what WhatsApp embarked to use a few months ago when they displayed this message in your conversation:

The Signal Protocol was built by Open Whisper System, a nonprofit group that was founded in two thousand thirteen by former Twitter head of security Moxie Marlinspike. Back in two thousand eleven the 140-character messaging platform acquired Marlinspike very first secure messaging company Whisper System.

Open Whisper System concentrates on the development of the Signal Protocol and also maintains a messaging application called Signal. The nonprofit is funded through a combination of donations and grants.

In October 2016, the Signal protocol was reviewed by an international team of security researchers and got glowing reviews.

Reading the above, you might think you are fine since WhatsApp, Facebook Messenger, and Google Allo also use the Signal Protocol.

Facebook Messenger and Google Allo don’t enable end-to-end encryption by default. Facebook Messenger users have to enable “Secret Conversations” and Google Allo users have to enable Incognito Mode.

Telegram, the 100-million-user app made by social network VK’s founder Pavel Durov, uses its own encryption protocol: MTProto. Telegram was the subject to a lot of controversies over its encryption protocol. Then in 2015, a security researcher published a research paper detailing theoretical weaknesses* in MTProto and concluded that Telegram shouldn’t have attempted to roll their own encryption.

So this leaves us with WhatsApp and Signal — the only two applications to use the Signal Protocol by default for all messages sent*.

You may be asking — why not stick with WhatsApp then?

The reason lies in WhatsApp’s collection of metadata.

Data collection and metadata

Metadata and data collection have often been at the center of debates, with parties often claiming some statements along the line of:

We can’t listen/read the content of your communication because we use end-to-end encryption, we can only collect metadata.

Metadata has often been a blurry term. For your convenience, below is a clarified definition of metadata:

If you’re still unclear about what metadata is, read the post from EFF by Kurt Opsahl. He gives examples of what companies or governments know when they collect metadata:

They know you rang a phone hookup service at Two:24 am and spoke for eighteen minutes. But they don’t know what you talked about. They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains a secret. They know you spoke with an HIV testing service, then your doctor, then your health insurance company in the same hour. But they don’t know what was discussed.

Now that you know what metadata is, let me reiterate: using end-to-end encryption does not prevent messaging services from collecting metadata.

Let’s see what these guys are collecting:

WhatsApp

WhatsApp’s FAQ states that its app has access to all the phone numbers in your address book, and that it collects a myriad of information about you.

What’s interesting is that WhatsApp doesn’t store your messages on its servers. Instead, your messages are stored on your phone — then ultimately on the servers where you back up your phone. For example, if you use an iPhone, all your WhatsApp messages are stored in iCloud, if you use it as a backup.

As for the information WhatsApp collects about when, where, and with whom you communicate, it’s a lot more vague. Here’s what they say:

Usage and Log Information. We collect service-related, diagnostic, and spectacle information. This includes information about your activity (such as how you use our Services, how you interact with others using our Services, and the like), log files, and diagnostic, crash, website, and spectacle logs and reports.

WhatsApp also collects device-specific information when you install, access, or use their service — such as the model of your phone, its operating system, and information from your browser, IP address, and mobile network — including your phone number.

And if they can’t collect that information through your phone, they’ll obtain it when people message you, since WhatsApp also has access to your friends’ activity data.

Besides the unencrypted backups, other concerns were outlined by the Electronic Frontier Foundation over key switch notification, WhatsApp’s web app, and its sharing of data with Facebook, who acquired WhatsApp in 2014.

Speaking of Facebook…

Facebook Messenger

MIT Technology Review wrote:

Facebook is collecting the most extensive data set ever assembled on human social behavior.

I don’t need to break down what data Facebook collects. Facebook is your friend, so they made it very elementary for you to understand just how close of a friend they are:

Google Allo

Google Allo has been widely criticized by security experts.

Not only can Google actually read every message you say, they will store all conversations.

It is that ordinary.

Here’s Edward Snowden’s tongue-in-cheek advertisement for Allo:

Telegram

Telegram is a tricky one since as I mentioned its encryption protocol shows some flaws from an theoretical perspective.* But let’s set that aside and look at what they collect from you.

Messages, photos, movies, and documents are encrypted and stored on Telegram’s servers (except for the Secret Talk messages, which aren’t stored on Telegram’s servers). Like WhatsApp and Facebook, Telegram accesses and stores your contact list on its server. This is how they’re are able to send you a notification when someone fresh from you contact list joins Telegram. Nice of them, right?

Signal

The only data Signal retains is the phone number you register with and when you last logged into their server.

It doesn’t even record the hour, minute, or 2nd — only the day.

If you’re feeling mischievous, Signal even has disappearing messages.

And Signal is free. Truly free. Meaning that they aren’t attempting to turn your eyeballs into a product for advertisers like Facebook or Google want to do with their messaging apps. You can donate to Signal here.

By the way, Signal code is free and open-source, available on GitHub for you to check.

A few weeks ago, The Guardian reported on a so-called WhatsApp “backdoor.”medium.freecodecamp.com

Why should you care about your privacy?

You might be tempted to say something like:

Who cares? I have nothing to hide.

If you don’t think privacy is all that significant:

Why I told my friends to stop using WhatsApp and Telegram

Why I told my friends to stop using WhatsApp and Telegram

This morning I told my friends to stop using WhatsApp and Telegram and sent them an invitation to switch to the Signal messaging app.

You may not realize it, but you’re very likely already using the Signal Protocol — along with more than one billion people every day.

The Signal Protocol is used by WhatsApp, Facebook Messenger, Google Allo and Signal’s own messaging app.

But what is the Signal Protocol?

The Signal Protocol is a non-federated cryptographic protocol that provides end-to-end encryption for instant messaging conversations. — Wikipedia

End-to-end encryption ensures that your message is turned into a secret message by its original sender, then only decoded by its final recipient.

That’s what WhatsApp embarked to use a few months ago when they displayed this message in your conversation:

The Signal Protocol was built by Open Whisper System, a nonprofit group that was founded in two thousand thirteen by former Twitter head of security Moxie Marlinspike. Back in two thousand eleven the 140-character messaging platform acquired Marlinspike very first secure messaging company Whisper System.

Open Whisper System concentrates on the development of the Signal Protocol and also maintains a messaging application called Signal. The nonprofit is funded through a combination of donations and grants.

In October 2016, the Signal protocol was reviewed by an international team of security researchers and got glowing reviews.

Reading the above, you might think you are fine since WhatsApp, Facebook Messenger, and Google Allo also use the Signal Protocol.

Facebook Messenger and Google Allo don’t enable end-to-end encryption by default. Facebook Messenger users have to enable “Secret Conversations” and Google Allo users have to enable Incognito Mode.

Telegram, the 100-million-user app made by social network VK’s founder Pavel Durov, uses its own encryption protocol: MTProto. Telegram was the subject to a lot of controversies over its encryption protocol. Then in 2015, a security researcher published a research paper detailing theoretical weaknesses* in MTProto and concluded that Telegram shouldn’t have attempted to roll their own encryption.

So this leaves us with WhatsApp and Signal — the only two applications to use the Signal Protocol by default for all messages sent*.

You may be asking — why not stick with WhatsApp then?

The reason lies in WhatsApp’s collection of metadata.

Data collection and metadata

Metadata and data collection have often been at the center of debates, with parties often claiming some statements along the line of:

We can’t listen/read the content of your communication because we use end-to-end encryption, we can only collect metadata.

Metadata has often been a blurry term. For your convenience, below is a clarified definition of metadata:

If you’re still unclear about what metadata is, read the post from EFF by Kurt Opsahl. He gives examples of what companies or governments know when they collect metadata:

They know you rang a phone hookup service at Two:24 am and spoke for eighteen minutes. But they don’t know what you talked about. They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains a secret. They know you spoke with an HIV testing service, then your doctor, then your health insurance company in the same hour. But they don’t know what was discussed.

Now that you know what metadata is, let me reiterate: using end-to-end encryption does not prevent messaging services from collecting metadata.

Let’s see what these guys are collecting:

WhatsApp

WhatsApp’s FAQ states that its app has access to all the phone numbers in your address book, and that it collects a myriad of information about you.

What’s interesting is that WhatsApp doesn’t store your messages on its servers. Instead, your messages are stored on your phone — then ultimately on the servers where you back up your phone. For example, if you use an iPhone, all your WhatsApp messages are stored in iCloud, if you use it as a backup.

As for the information WhatsApp collects about when, where, and with whom you communicate, it’s a lot more vague. Here’s what they say:

Usage and Log Information. We collect service-related, diagnostic, and spectacle information. This includes information about your activity (such as how you use our Services, how you interact with others using our Services, and the like), log files, and diagnostic, crash, website, and spectacle logs and reports.

WhatsApp also collects device-specific information when you install, access, or use their service — such as the model of your phone, its operating system, and information from your browser, IP address, and mobile network — including your phone number.

And if they can’t collect that information through your phone, they’ll obtain it when people message you, since WhatsApp also has access to your friends’ activity data.

Besides the unencrypted backups, other concerns were outlined by the Electronic Frontier Foundation over key switch notification, WhatsApp’s web app, and its sharing of data with Facebook, who acquired WhatsApp in 2014.

Speaking of Facebook…

Facebook Messenger

MIT Technology Review wrote:

Facebook is collecting the most extensive data set ever assembled on human social behavior.

I don’t need to break down what data Facebook collects. Facebook is your friend, so they made it very ordinary for you to understand just how close of a friend they are:

Google Allo

Google Allo has been widely criticized by security experts.

Not only can Google actually read every message you say, they will store all conversations.

It is that elementary.

Here’s Edward Snowden’s tongue-in-cheek advertisement for Allo:

Telegram

Telegram is a tricky one since as I mentioned its encryption protocol shows some flaws from an theoretical perspective.* But let’s set that aside and look at what they collect from you.

Messages, photos, movies, and documents are encrypted and stored on Telegram’s servers (except for the Secret Talk messages, which aren’t stored on Telegram’s servers). Like WhatsApp and Facebook, Telegram accesses and stores your contact list on its server. This is how they’re are able to send you a notification when someone fresh from you contact list joins Telegram. Nice of them, right?

Signal

The only data Signal retains is the phone number you register with and when you last logged into their server.

It doesn’t even record the hour, minute, or 2nd — only the day.

If you’re feeling mischievous, Signal even has disappearing messages.

And Signal is free. Truly free. Meaning that they aren’t attempting to turn your eyeballs into a product for advertisers like Facebook or Google want to do with their messaging apps. You can donate to Signal here.

By the way, Signal code is free and open-source, available on GitHub for you to check.

A few weeks ago, The Guardian reported on a so-called WhatsApp “backdoor.”medium.freecodecamp.com

Why should you care about your privacy?

You might be tempted to say something like:

Who cares? I have nothing to hide.

If you don’t think privacy is all that significant:

Related video:

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *