item 13394900

There is no WhatsApp 'backdoor'

1018 points | stablemap | 9 years ago | whispersystems.org

408 comments

[+] jMyles|9 years ago|reply
Color me still-unconvinced.

This retort does not address the fundamental point made in the Guardian piece:

> “[Some] might say that this vulnerability could only be abused to snoop on ‘single’ targeted messages, not entire conversations. This is not true if you consider that the WhatsApp server can just forward messages without sending the ‘message was received by recipient’ notification (or the double tick), which users might not notice. Using the retransmission vulnerability, the WhatsApp server can then later get a transcript of the whole conversation, not just a single message.”

[+] rndgermandude|9 years ago|reply
This allows WhatsApp to MITM. WhatsApp can rekey both Alice and Bob, decrypt both their messages from that point onwards (incl. unsent messages) and forward them re-encrypted with their real keys. The only notification might be that rekeying warning, if the users have turned it on. In this scenario even the double checkmarks are present. This is contrary to WhatsApp's claim that even they cannot snoop.

PS: I just checked on my phone whether those notifications were turned on. They were not. And I'd never turn those off myself, which leads me to conclude that the rekeying notifications are off by default (in their Android app).

[+] tucif|9 years ago|reply
He does address this: Once the sending client displays a "double check mark," it can no longer be asked to re-send that message.

That means a user is able to verify visually that the end-to-end is working. "users might not notice" doesn't seem to me as a strong argument to state this as a backdoor. This would imply not noticing that you don't have a green padlock on chrome is a backdoor too, and it clearly is not.

[+] avn2109|9 years ago|reply
Regardless of the merit of this specific accusation-and-denial cycle, the fact remains that WhatsApp is closed source crypto and there is no way in principle for the user to verify any security claims.

I happen to trust Moxie's principles, but not as much as I distrust the relationship-with-government imperatives implied by FB's vast business interests.

[+] sfifs|9 years ago|reply
Look if WhatsApp wants to read your messages without you detecting, there's nothing you can really do to prevent it apart from not using WhatsApp.

For instance if you're on some list for message interception, they can give you MITMed keys when you first login. Or they can insert some subtle signal that tells the app on your specific phone to ignore key changes and avoid showing notification in some way you would struggle to check (closed source and obfuscated code) etc etc. They could even show you the right key if you attempt verification but use a compromised one for communication. This particular vuln. would be a ridiculously crude way to intercept messages.

In any closed source system where key distribution and message distribution are centralized, there is no way to protect against the service provider - and anyone who co-opts the service provider (e.g. with a court order). The objective of the encryption is to protect against other actors snooping on you.

[+] grappler|9 years ago|reply
If you are concerned enough about the security and privacy of the app, then you should learn how to use the app. That includes learning about the indicators provided by the UI telling you about key changes, delivery notifications, and anything else the developers considered important enough to show the user.
[+] psranga|9 years ago|reply
I take this blog post as confirmation that:

1) ANY one message can be intercepted even if the sender exhibits ideal levels of alertness [Whatsapp server drops message to recipient; sends a rekey request with a fake key; message is intercepted since fake key was generated by server. Sender will see a warning if they turned on that setting (default is to show no warning), but it's too late].

2) Only Whatsapp has this vuln, not Signal app.

3) Depending on sloppiness of sender, more extensive interception is possible. [E.g., server not supplying delivery reports + sender doesn't have warning for key changes + sender sloppy about noticing lack of double check mark => full transcript can be generated]

[+] YeGoblynQueenne|9 years ago|reply
I think all this is by-the-by. The gist of The Guardian's article was that WhatsApp has full control of when, if and how your messages are encrypted, and if you're a dissident working against an oppressive regime and you use WhatsApp to collaborate with your allies, your ass is grass, because there isn't anything physically preventing security agencies from getting hold of your communications.

That such security agencies have the power to force WhatsApp (or anyone) to comply with their demands is without doubt. A really secure system for activists would be one that makes it impossible even for the provider to read your messages, under any circumstances. WhatsApp is not just not that, it is also ridiculously easy for them to read your messages, if they so choose and you use it at your own risk.

[+] sschueller|9 years ago|reply
Isn't Signal in the same boat?

They are a US company and they control what version of the app is in the Play/Apple store. They could be forced to push a version with a flaw and no one could verify it. The source looks good but the app that has been distributed is not.

[+] kentonv|9 years ago|reply
I love this post for the in-depth explanation of the UX challenges around e2e encryption and why they made the decisions they did. It's educational.

I think Moxie highlights a very good point that is commonly underrated among "security Dunning-Krugers": Opening yourself to the possibility of an attack is often OK if the attack is easily detectable, and if the identity of the attacker would be obvious upon detection. Yes, Facebook could intercept and decrypt a message without your advance knowledge. However, you would be able to detect it after the fact. And if you detected an attack, the attacker could be no one other than Facebook. You could then expose them and ruin their reputation. Given this, it's unlikely that Facebook would risk carrying out such an attack in the first place.

Security is not binary, it's risk management. The goal is to minimize the risk of an attack, not to rule it out entirely (hint: you can't). I think WhatsApp has made the right choices here.

[+] yellowapple|9 years ago|reply
In most cases, I'd much rather disallow Facebook from MITMing my messages than try to "ruin their reputation" (hint: I won't, because Facebook already does far worse things on a regular basis without so much as an eye-bat from the world).

In other words: I care about the confidentiality of my messages far more than the promise of some sort of dubious ability to shame Facebook for simply fulfilling its business model. Sure, there are some cases where allowing security to be exploited in one area protects the security of another, but those are called "honeypots", and I sure as hell hope my private communications are not a part of that.

Transparency is a dependency of trust. WhatsApp is not transparent; therefore, it is not trustworthy. Simple as that.

[+] sebleon|9 years ago|reply
At the end of the day, it comes down to trusting WhatsApp. Even without a backdoor in their protocol, they can easily do all kinds of things.

For instance, it could instruct specific clients to encrypt and send each message twice: one for the recipient, and one for the WhatsApp server. As long as this was off for 99.9% of users, it's unlikely that security researchers would ever detect this.

[+] tyrust|9 years ago|reply
>The WhatsApp clients have been carefully designed so that they will not re-encrypt messages that have already been delivered. Once the sending client displays a "double check mark," it can no longer be asked to re-send that message. This prevents anyone who compromises the server from being able to selectively target previously delivered messages for re-encryption.

Can this be verified? Can this be verified to be the case 100% of the time? Is there anything stopping the client from lying to a user [0] with this interface, saying one thing (i.e. "this will not be resent") and doing another (i.e. resending)?

[0] - Or being triggered to lie to a particular user at a particular time.

[+] UncleMeat|9 years ago|reply
If your threat model includes using a malicious app to send messages then you lose anyway. Nothing can ever be done to send messages securely using whatsapp if the client is neither trusted nor verified. This is true for basically all software that you use.
[+] valarauca1|9 years ago|reply
>Can this be verified? Can this be verified to be the case 100% of the time? Is there anything stopping the client from lying to a user

No.

Open Whisper Systems' otherwise GPLv3 auditable libraries are closed source as used by WhatsApp and Facebook Messenger. Either Open Whisper Systems has elected not to enforce their copyright (in which case you could make a BSD/MIT/Apache fork of their software), OR they have consented to allowing Facebook to circumvent the license.

Either way, the code in WhatsApp is off limits for anyone not working with Facebook, so we'll never know. Closed source crypto is bad. We only have WhatsApp's word that the Facebook libraries have no modifications.

[+] contravariant|9 years ago|reply
No there's nothing stopping WhatsApp from lying to you, although if they are then the double checkmark seems like the least of your worries.

As far as I can tell this 'backdoor' is only relevant for the scenario where WhatsApp is not actively malicious, but gets taken over by a malicious entity, which wants to target someone who's disabled updates.

[+] jMyles|9 years ago|reply
Isn't it possible (in fact trivial) to sniff the traffic generated by WhatsApp and verify that it is indeed the message transmitted, encrypted by the key on the device?

Has anyone performed such an audit?

[+] olegkikin|9 years ago|reply
It actually doesn't matter. They are talking about compromising the servers. The government has the power to force a backdoor (remember Lavabit?). All WhatsApp has to do is update their client, and all the beautiful encryption schemes are ruined.

If you need a truly secure communication system, it has to be open source and self-hosted. You still have to trust the hardware though.

[+] kingnight|9 years ago|reply
This may be flagrant or off-topic, but something that nags at me when thinking about truly secure messaging apps from the App Store:

Even with perfect e2e encryption protocol added, what's preventing WhatsApp developers (FB) from adding in a feature of the app:

  if local.user is "TargetUser007" { takeDeviceSnap(); sendDeviceSnapshotToFBOverSameEncryption(); }

Wouldn't this not be ever verifiable unless you ARE that specific user and it's too late?

[+] ycmbntrthrwaway|9 years ago|reply
> That would leak information to the server about who has enabled safety number change notifications and who hasn't, effectively telling the server who it could MITM transparently and who it couldn't; something that WhatsApp considered very carefully.

I am not convinced. Why should this option exist at all? Even worse, it is disabled by default. Just enable notifications for everyone and demand verification. If you don't want to verify, just ticking "verified" without actual verification is not that bad; it is just the trust-on-first-use principle in action. Actually it is how SSH works and nobody complains about SSH being backdoored.

[+] cypherpunks01|9 years ago|reply
If we're talking about key change notifications, isn't SSH the thing that throws the following error when a key changes?

  @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
  @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
  @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
  IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
  Someone could be eavesdropping on you right now (man-in-the-middle attack)!
  It is also possible that a host key has just been changed.
  The fingerprint for the RSA key sent by the remote host is
  51:82:00:1c:7e:6f:ac:ac:de:f1:53:08:1c:7d:55:68.
  Please contact your system administrator.
  Add correct host key in /Users/user/.ssh/known_hosts to get rid of this message.
  Offending RSA key in /Users/user/.ssh/known_hosts:12
  RSA host key for 8.8.8.8 has changed and you have requested strict checking.
  Host key verification failed.
[+] UncleMeat|9 years ago|reply
WhatsApp has a gazillion+ users, most of whom don't care about e2e security and definitely don't care enough to verify keys before they are allowed to chat with their friends again. The friction caused by a security popup that 90% of users simply ignore is real. It annoys users and causes fatigue that jeopardizes future security notifications.
[+] mtgx|9 years ago|reply
I think both Signal and WhatsApp "trust on first use" like SSH does it.

The issue here is that:

1) the vast majority of users have those MITM notifications off by default (because WhatsApp decided it's best that way)

2) WhatsApp generates its own keys in some scenarios, like when people switch their SIM cards, so the "trust on first use" that worked on the original SIM is gone out of the window now, and the users won't even know it because the notification is off by default.

Actually now that I think about it, this is why WhatsApp must have left the notifications off by default: because they knew they would generate their own keys this way, which would generate a lot of those notifications all the time.

[+] mos_basik|9 years ago|reply
Caveat: I have never used WhatsApp and do not know anything about its interface or options (default or otherwise).

>>[The choice to make these notifications "blocking" (i.e. to require manual verification) would] leak information to the server, etc., etc.

>Why should this option exist at all?

The option does not exist, and should not exist. That's the author's point there. You agree with him and with WhatsApp on that.

All you disagree on is implementation:

Author: "[Non-blocking defaults] provide transparent and cryptographically guaranteed confidence in the privacy of a user's communication, along with a simple user experience."

You: "Enable notifications for everyone and demand verification; if you don't want to verify, just tick "verified" without actually verifying."

How are these two substantially different? They look the same to me in terms of security and WhatsApp's implementation doesn't make you click anything.

[+] mhandley|9 years ago|reply
Moxie claimed:

> "The choice to make these notifications "blocking" would in some ways make things worse. That would leak information to the server about who has enabled safety number change notifications and who hasn't, effectively telling the server who it could MITM transparently and who it couldn't; something that WhatsApp considered very carefully."

Surely if WhatsApp cared about the server not being able to detect this, they could just get the client to "retransmit" an encrypted blank message in place of the original under these circumstances. Then the server wouldn't be able to tell who has enabled blocking mode and who hasn't.
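A constructed Python model of the behaviour argued over in this subthread and in psranga's list above: the sender re-encrypts only messages that have not yet shown the double tick, the notification setting lives purely client-side, a "blocking" client that stays silent after a rekey does reveal its setting to a server that merely watches for retransmissions, and the blank retransmission proposed here hides that difference. This is an added example, not code from WhatsApp, Signal or the post; the cipher is a keyed XOR stand-in and every name in it is an assumption.

```python
"""Toy model of the retransmission / key-change behaviour debated in this
thread.  Constructed example, not WhatsApp's or Signal's code: the cipher is
a keyed-XOR stand-in; what it demonstrates is the control flow (double tick,
notification setting, blocking mode, cover retransmission)."""
import hashlib
import os
from dataclasses import dataclass, field


def toy_cipher(key: bytes, data: bytes) -> bytes:
    """Symmetric stand-in for the real session cipher (XOR with a key stream)."""
    pad = hashlib.sha256(key).digest()
    return bytes(b ^ pad[i % len(pad)] for i, b in enumerate(data))


@dataclass
class Message:
    mid: int
    plaintext: bytes
    delivered: bool = False      # True once the sender showed the double tick


@dataclass
class Client:
    notify: bool = False         # safety-number-change notification enabled
    blocking: bool = False       # hold retransmission until the user confirms
    cover: bool = False          # while blocked, retransmit a blank of equal size
    peer_key: bytes = b""
    outbox: dict = field(default_factory=dict)
    warnings: list = field(default_factory=list)

    def send(self, mid: int, plaintext: bytes) -> bytes:
        self.outbox[mid] = Message(mid, plaintext)
        return toy_cipher(self.peer_key, plaintext)

    def ack(self, mid: int) -> None:
        """Delivery receipt: this message can never be asked for again."""
        self.outbox[mid].delivered = True

    def rekey(self, new_key: bytes) -> list:
        """Server announces the peer's key changed; return retransmissions."""
        if self.notify:
            self.warnings.append("safety number changed")
        self.peer_key = new_key
        pending = [m for m in self.outbox.values() if not m.delivered]
        if self.notify and self.blocking:
            if not self.cover:
                return []        # silence: the server sees no retransmission
            return [(m.mid, toy_cipher(new_key, bytes(len(m.plaintext))))
                    for m in pending]
        return [(m.mid, toy_cipher(new_key, m.plaintext)) for m in pending]


def mitm_run(client: Client) -> dict:
    """Server swaps in a key it knows and sees what the retransmits reveal."""
    client.peer_key = os.urandom(32)          # Bob's real key, unknown to server
    client.send(1, b"delivered earlier")
    client.ack(1)                             # double tick shown for message 1
    client.send(2, b"still in flight")
    evil_key = os.urandom(32)                 # server-generated key (hypothetical)
    resent = client.rekey(evil_key)
    opened = {mid: toy_cipher(evil_key, ct) for mid, ct in resent}
    return {"exposed": {m: p for m, p in opened.items() if p.strip(b"\x00")},
            "warned": bool(client.warnings)}


def server_infers_setting(client: Client) -> bool:
    """Legitimate rekey (new phone) where the server lacks the key: all it can
    observe is whether any retransmission shows up at all."""
    client.peer_key = os.urandom(32)
    client.send(7, b"unacked message")
    return len(client.rekey(os.urandom(32))) > 0
```

Message 1 is never exposed in any configuration, which is the double-tick guarantee; only the undelivered message 2 is at risk, and whether the server can tell a blocking client apart depends on the cover retransmission.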

[+] aaronbrager|9 years ago|reply
WhatsApp should make three changes:

1. handle new keys the same way Chrome handles expired SSL certs: a big warning with the option to continue anyway if you want

2. Don't automatically resend a message with a new key (require the user to manually resend, like when iMessage falls back on MMS)

3. enable the key change notifications and make disabling them an "advanced" setting

WhatsApp is making the right choice by designing for ease of use, I think they just landed a little too far away from a secure implementation.

[+] hackcasual|9 years ago|reply
tl;dr to me seems: Since users can change devices, they'll need to reissue key material, this needs to be supported. WhatsApp reports key changing optionally, but doesn't tell the server that happened.

If WhatsApp tries to backdoor a channel and one of the users has key change notification, they'll find out about it, and WhatsApp has no idea whether the warning was shown.

[+] _jp__|9 years ago|reply
Of course there is a backdoor. Why not? Under what law do WhatsApp and Whisper Systems live? The one with secret courts and secret court orders? How can you trust someone under this umbrella?

We need to spread technology companies. Everything but a bunch of things comes from this law.

And what starts in another country magically gets bought or dismissed. Take Symbian as an example...

[+] agd|9 years ago|reply
'Given the size and scope of WhatsApp's user base, we feel that their choice to display a non-blocking notification is appropriate. It provides transparent and cryptographically guaranteed confidence in the privacy of a user's communication, along with a simple user experience. The choice to make these notifications "blocking" would in some ways make things worse. That would leak information to the server about who has enabled safety number change notifications and who hasn't, effectively telling the server who it could MITM transparently and who it couldn't; something that WhatsApp considered very carefully.'

Why not have every client show up as having safety number change notifications on and just choose whether to display them client side depending on user settings? i.e. if you have them off, no message will display and the message will automatically be resent using the new key?

[+] throw7|9 years ago|reply
What is the user supposed to do when they get notified of a "safety number changed" message? How do they verify they've not just been MITM? Honest question... I don't use whatsapp or signal at all.
[+] ivanhoe|9 years ago|reply
It's up to you to confirm what's going on using another channel (say, call them on the phone and see what's going on, compare the numbers). It's the same thing SSH does when server keys change, for instance. To me it's a reasonable way to handle such a situation.
[+] sloanesturz|9 years ago|reply
You have to physically compare the numbers on the two phones (in real life), or send the numbers through a different trusted channel (PGP, USPS, Carrier Pigeon, etc).
[+] Freestyler_3|9 years ago|reply
You can ask the other party to resend you a message from before (one that doesn't matter). I.e. "Can you confirm this is you: send me a message from 5 messages back using the quote function." (You know what was said 5 messages back, so you can pick a non-sensitive one, and they can do the same to you.)

edit: nvm, if this is man in the middle then that doesn't matter because you still exchange with each other and its not a hijack. Sorry, I made a mistake.

[+] jlgaddis|9 years ago|reply
(Re-)verify the safety number out-of-band, like you hopefully did initially.
[+] subliminalpanda|9 years ago|reply
I would simply ask if they got a new phone or re-installed WhatsApp.

A few would inquisitively ask "Yes, how did you know?", and then I would explain to them the notification I got.

[+] joeblau|9 years ago|reply
There seems to be a pretty clear war going on between engineers and journalists lately.

- Chris Lattner [1] vs Business Insider [2]

- Elon Musk vs (Bunch of outlets)

- Moxie vs The Guardian

I feel like journalists want to write a compelling story and engineers are on the other side like "No, those aren't facts!" I don't follow a lot of media outlets but it seems like journalists either lack the skills or don't care about doing any technical due diligence.

[1] - https://twitter.com/clattner_llvm/status/819974025371787264

[2] - http://www.businessinsider.com/how-apples-culture-of-secrecy...

[+] hackuser|9 years ago|reply
I don't know what happened here, but ...

Let's avoid our own bias of automatically believing the engineers are in the right; they are fallible people, no more or less honest or prone to error than journalists.

Every news story that breaks, involving any person or industry, gets the same response: It's false, they didn't ask us, etc. etc. Therefore, that response is not an indication that something is wrong (or right); the response tells us nothing in itself.

[+] burkaman|9 years ago|reply
I don't think the Chris Lattner thing is a war at all. The journalist gave a reasonable effort to get a comment from Lattner, never got a response, so went with a story from a source they found trustworthy. Lattner issued a denial after the fact, and it's included near the top of the story.

I guess it's possible that the journalist completely fabricated the story, but I think it's a lot more likely that either someone at Apple overstated their relationship with Lattner to vent their own frustrations, or Lattner is trying not to burn bridges. At worst it's an avoidable inaccuracy, not a war.

[+] nl|9 years ago|reply
Umm, perhaps you haven't read the comments here?

The Guardian story was good. Perhaps it is slightly overblown, but it is arguable both ways, and it certainly highlighted a real issue.

Musk is way over defensive and never admits a problem of any kind, and in most of the stories about him there is a problem of some kind.

I haven't followed the Lattner story at all.

[+] Mathnerd314|9 years ago|reply
The dispute is really Facebook vs Tobias Boelter (https://tobi.rocks/), with Manisha Ganguly (freelance, so not really The Guardian) putting pressure on Facebook.

I think it's more that the media is biased against corporations, because positive information about corporations sounds like an advertisement or is instead attributed to the employee. Headlines like "Zuckerberg fires 100 employees" or "Wal-mart saves puppy" seem to be either rare or nonexistent.

[+] frandroid|9 years ago|reply
It would be a war if all these people were allied together. Neither the engineers nor the outlets mentioned here are allied parties. They're disparate across the board.
[+] Ar-Curunir|9 years ago|reply
Yes, because Tobias Boelter, a PhD student in cryptography is totally a journalist...
[+] runjake|9 years ago|reply
Yeah. It's been like this since the beginning of free press. This isn't new.
[+] Eager|9 years ago|reply
Oh give me a break

7.7 billion people on this planet are not part of ISIS.

Nice business model though.

Even if WhatsApp or Telegram or Signal are not compromised, you really should assume the kernel or baseband are.

When I was a kid, I did an experiment cracking Apple ][ software.

Turns out forget the disk encryption, just hook up the NMI interrupt and you are golden... snapshot whenever you want.

Seriously, security is a joke. Nothing is safe. Get over it.

[+] _Codemonkeyism|9 years ago|reply
Call me paranoid, but the thing which is strange to me is that Whisper talks about this defending Facebook/WhatsApp.

This makes me highly suspicious of my usage of Signal :-(

[+] makomk|9 years ago|reply
Facebook's payments to use the Signal protocol pay the bills. Same reason why Moxie was fine with Google disabling E2E by default so they could use chat for ad targeting, after attacking other software for doing this, and with them tying enabling it to inconvenient behaviour like disabling the chat log that discourages all but the most paranoid from using it.
[+] ucy|9 years ago|reply
The real "Whatsapp Backdoor" is that, by default, the app stores a backup of all your messages on "teh cloud". On android, that's google.

So google can play "eve", and every run of the mill script kiddie that can get your google credentials may "restore" your messages. How convenient.

And that's the default settings. So, even if you turn it off, "mallory" can steal the credentials of your contact and snoop into your conversation that way.

[+] theveloped|9 years ago|reply
As with all end-to-end encryption, it stops at the "end". It is this unencrypted state, in which humans consume data, that can't be defended by crypto.

Therefore the only way to be completely safe is to make sure both you and your conversation partner don't decrypt the message until it's on an offline device only you have access to.

But end-to-end encryption where the interface (mobile app/phone) is controlled by the parties you want to protect your data from is not possible. WhatsApp could send freaking screenshots back of the unencrypted data if they wanted. For nearly all other threat models WhatsApp's encryption is a wonderful add-on.