Privacy

47067 readers

602 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago

MODERATORS

763

Me Buying A Phone From Google Solely Because I Can Put GrapheneOS On It (media.piefed.social)

submitted 2 days ago* (last edited 2 days ago) by BladeFederation@piefed.social to c/privacy@lemmy.ml

159 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] NewNewAugustEast@lemmy.zip 1 points 2 days ago (2 children)

Can you show me where it's verified? Did someone get to see the code?

[–] jjlinux@lemmy.zip 1 points 1 day ago (1 children)

https://www.nccgroup.com/media/fzwdxklh/_ncc_group_whatsapp_e001000m_report_2021-10-27_v12.pdf

https://eprint.iacr.org/2023/843.pdf

Also, their e2ee is built on the signal protocol. Now, their server code and client code are not open source, so they could have left all types of doors open for their benefit. Also, the Metadata is not encrypted at all, something they actually brag about for some reason.

And just to be clear, I am a genuine 'everything-meta-hater" (and Google, MicroShit, Crapple, Crapsung, etc.), but spreading misinformation doesn't help preaching about privacy and security.

[–] NewNewAugustEast@lemmy.zip 1 points 1 day ago* (last edited 1 day ago) (1 children)

That verified if their backups were end to end encrypted though right?

It's also interesting what was out of scope:

Limitations
The following components were not in scope; NCC Group was therefore unable to evaluate and identify issues with them: • Third-party and proprietary HSM vendor implementation.
• Backup encryption implementation.
• Side-channels in the access, creation, modification and deletion of backup data on third-party cloud storage.

[–] jjlinux@lemmy.zip 0 points 1 day ago (1 children)

Dude, you seem to be under the impression that I'm somehow defending meta, and you're evidently in battle mode. I said my piece, provided the evidence as requested. I guess this is where I drop off of this convoy for ith you, buddy. Make of it what you will. Have a good day.

[–] NewNewAugustEast@lemmy.zip 2 points 1 day ago

No, I am not in battle mode. I just read the link and found it interesting and responded with things I saw in it.

What I didn't do, was realize you sent TWO links, and I failed to read the second one. But believe me I am not trying to argue in any way. I am just responding. I imagine your second link will clear that up for me.

[–] hagelslager@feddit.nl 2 points 2 days ago* (last edited 2 days ago) (1 children)

As far as I'm aware Moxie Marlinspike made the encryption before it was acquired by Facebook. One of the founders of WhatsApp now finances Marlinspike'd Signal messenger.

In theory Meta only sees who you communicate with, but not what you communicate.

(I wouldn't be surprised if the bastards are trying to undo the encryption if they already haven't.)

[–] noodlejetski@piefed.social 2 points 1 day ago

before it was acquired by Facebook

not that it really matters, but it was a few years after the acquisition.