Privacy by Default.

Why WhatsApp is not secure – while TextSecure may be

A false claim about an insecure messenger

To prove that you can trust in software, the source code of the software has to be available. This is the case with TextSecure but not with WhatsApp. What does Cory Doctorow move to make statements about WhatsApp like this?

It's the largest-ever deployment of end-to-end crypto, and assuming they didn't add any back-doors or make critical errors, this means that hundreds of millions of users can now communicate without being spied upon by governments, crooks, cops, spies or voyeurs.

This is just plain wrong. I'm questioning that, because WhatsApp has to add a back-door for sure. And Doctorow knows that. This is because of Section 215 US Patriot Act – at least there is a legal back door, which can be (ab)used by US governmental agencies at any time. There was an attempt by the Obama Administration to weaken the total surveillance just for US citizens only (all other people on our planet are unprotected anyways). But it was lately rejected by Republicans blocking this attempt in US Senate. I'm sure, Doctorow is aware of that fact, too. So why is Doctorow not telling the truth?

Silicon Valley have to regain trust from their customers

What was feared immediately after Snowden revelations, became an open secret to everyone in the business: mistrusting US IT services is a huge issue for Valley's money making industry, the cloud services. When people started to have mistrust into US systems, things started to go wrong for many companies like Google, Facebook or Apple.

Companies like Google build their business model on the base that they're keeping all their customers under holistic surveillance. Eric Schmidt made no secret out of it, and additionally approved that everything can (and will) be provided to “the authorities” if requested.

Apple reacted quickly. As a company which makes money out of hardware sales and sales of music, apps and other content, cloud business for Apple is more or less an add-on. So it is no surprise that Apple were one of the first to deploy good cryptography in their messaging. But there is a huge difference between good crypto and “the government cannot intercept” as this report is explaining. It is not Apple's fault, to make that clear. All US companies have no choice on that topic. Including WhatsApp.

The special case of Facebook (and WhatsApp)

With Facebook – the owners of WhatsApp – the case is different, though. That is because Facebook is the creation of In-Q-Tel, as The Guardian claimed already in 2008. And what In-Q-Tel is, you can read in this article, too:

What's In-Q-Tel? Well, believe it or not (and check out their website), this is the venture-capital wing of the CIA. After 9/11, the US intelligence community became so excited by the possibilities of new technology and the innovations being made in the private sector, that in 1999 they set up their own venture capital fund, In-Q-Tel, which “identifies and partners with companies developing cutting-edge technologies to help deliver these solutions to the Central Intelligence Agency and the broader US Intelligence Community (IC) to further their missions”.

The Guardian delivers proofs that there is the same group of people interrelated with Facebook and In-Q-Tel. Proofs for an actual invest are not given. I'm sure the reader can conclude how much trust Facebook should earn for keeping users' privacy. That's now including WhatsApp.

What is actually going on here?

So Moxie and Open WhisperSystems are now “cooperating” with Facebook's daughter company WhatsApp. And Doctorow, who is member of the Advisory Board of Google's privacy think tank “SimplySecure”, is applauding.

Honi soit qui mal y pense.

published Wed, 19 Nov 2014 06:35:14 +0100 #manipulation #pr #spooky #valley

back to the index