
Just because the messages might be sent end-to-end encrypted from Sue to Joe does not mean Meta cannot read them.

Meta has control over the app Sue uses. So they could send them to Meta unencrypted in addition to sending them to Joe in an encrypted fashion.

Or they just extract the relevant terms:

Sue->Joe: "Hello Joe, I'm so excited! We are going to have a baby! Let's call it Dingbert. You're not the father! Jim is. I hope you don't mind too much!"

Sue->Meta: "Sue will have a baby"

Insta->Sue: "Check out these cute baby clothes!"




More so, my wife sent me a picture of my daughter working on a puzzle. Less than 24 hours later, her Instagram was showing ads for a store that was selling the same type of puzzle as the one my daughter was playing with. So it's not just terms but images too.


She probably gave Instagram access to her photo library (not unreasonable for a photo sharing app). That means the Instagram app can scan her latest pictures in the background when it's opened. I think it's more likely that the data was leaked this way.


In case folks don’t know this: on an iPhone you do not need to give an app access to all your photos in order to use photos in the app.

Under Privacy > Photos, you can set “Selected Photos” instead of “All Photos” on a per-app basis.

Then when you go to add a photo to the app, you first go through an iOS prompt to select the photos the app will have access to. Only then do you go through the app’s photo selection dialogue.

I have all my apps set this way (or “None”).


I just did this and the UI is weird and confusing - it looks like I need to statically pick photos in the Settings app, which obviously won’t work for day-to-day use every time I take a photo and want to publish it to Instagram.

Not saying it doesn’t work like you say, just saying it doesn’t look like it does.


At least for Telegram each time you go to pick a photo to share, it offers you the chance to "add more photos visible" or you can click Manage.

I assume Instagram and friends would do the same.

I often just take the photo via Telegram instead, which automatically adds it to your photo roll and gives Telegram access to it. It works relatively well.


You can just hit “done” in the settings app and it will close (with no photos selected).

Then on Instagram (for example) when you go to post, you’ll get a message like “you’ve only let Instagram have partial access to your photos - Manage”. Tapping Manage will let you select photos that Instagram can access.


Glad I deleted my Meta apps and only use online FB when I need to.

The other day I noticed the Yahoo Mail app on iOS was reading my clipboard for no reason. I’m going to start blocking photos on most of my apps.


Instagram is especially malicious with this - it is the only app that REQUIRES access to my microphone for me to post something. They try to do this by having a camera inside Instagram (that you can record with, which would obviously require mic access), but even to post stuff I have already taken (even just photos) it wants mic access. I usually temporarily give it what it wants, post, then remove it again.


Is this something that actually happens (= can anyone prove this by disassembling the app or MITMing the network traffic), or is it just unfounded paranoia?


Considering how easy it is to implement these things without anyone noticing since it's closed source, you have to assume it is happening in any scenario where you need any decent opsec. Even in scenarios where you don't, there's been enough cases of similar things happening with well-known apps and services to be wary.


> Considering how easy it is to implement these things without anyone noticing since it's closed source

You can reverse engineer those things and analyze your network traffic. You can’t have a client in a device controlled by the user, in this case an app, send anything to a server without anyone noticing it.

And frankly, they don’t even need it. Just with your contacts they can link you to your friends and common interests without you even having a Facebook account; all you need is friends with an FB/IG account who have linked their accounts to their phones and use WhatsApp.

The contacts are known to be sent to the server; they are known to be linked to Facebook, except in the European Union, where there is a different app from WhatsApp Ireland and a different privacy policy that specifically states (in the version outside of the EU) that it shares your contacts with Facebook. And they are much more valuable and much less risky than reading your messages.


> You can reverse engineer those things and analyze your network traffic.

I frankly don't think people realize how much obfuscation of both app code and network traffic goes on under the hood. "Analyzing network traffic" isn't a sustainable option when things are encrypted and behind dozens of layers of protobuf, WebSockets and other fancy protocols, and get updated and change around all the time. Far from everything is introspectable HTTP, JavaScript and JSON these days, and that applies especially to big apps like these. It's not hard to send privacy-sensitive data along with "legitimate" data like analytics at unexpected times and evade scrutiny.

Yes, there are people that dedicate themselves to reverse engineering apps like this, but they're few and far between, and most of them focus on either the easy fish or security vulns. Considering nobody's building public documentation on the protocols of these apps, I'll have to assume it's hard enough and changes often enough to be worth the time of people without special monetary interests.

I agree with the rest of your assessment; there are way less "obviously malicious" ways to exfiltrate data about users than literally uploading users' pictures, since for example WhatsApp stored unencrypted backups on Google Drive until very recently, among other things. I'm just trying to shed light on the fact that apps like this have a lot of ways to accomplish this without raising too many eyebrows.


It should be easy to test, since iOS has a feature called App Privacy Report that lists network and permission access, and no, when you just open the Instagram app it does not access photos. Only when you open the Add to Story page or tap the new post icon does it access them.
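The App Privacy Report mentioned above can be exported from Settings as a file with one JSON object per line. The Python below is an added example, not code from the thread or from any Apple tool: it pairs the begin/end records of each permission access per app, totals the time spent per app and data category, and lists the same app's network activity that follows an access within a short window, which is the check a practitioner would run to see whether a photo-library read is followed by traffic. The sample lines are constructed, the bundle IDs and domains are placeholders, and the field names are written from recollection of the export format, so verify them against a real export before relying on the script.

```python
"""Summarise an iOS App Privacy Report export (NDJSON). Added example; the
field names below are assumed from memory of the export and should be checked
against a real file. All sample data is constructed."""
from __future__ import annotations

import json
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in the shape of an export: placeholder apps and domains.
SAMPLE_REPORT = """\
{"accessor":{"identifier":"com.example.photoapp","identifierType":"bundleID"},"category":"photos","identifierType":"bundleID","kind":"intervalBegin","timeStamp":"2024-03-01T10:02:00.000-08:00","type":"access"}
{"accessor":{"identifier":"com.example.photoapp","identifierType":"bundleID"},"category":"photos","identifierType":"bundleID","kind":"intervalEnd","timeStamp":"2024-03-01T10:02:07.500-08:00","type":"access"}
{"bundleID":"com.example.photoapp","context":"","domain":"cdn.example.net","domainType":1,"firstTimeStamp":"2024-03-01T10:00:01.000-08:00","hits":12,"initiatedType":"AppInitiated","timeStamp":"2024-03-01T10:00:01.000-08:00","type":"networkActivity"}
{"bundleID":"com.example.photoapp","context":"","domain":"telemetry.example.net","domainType":1,"firstTimeStamp":"2024-03-01T10:02:09.000-08:00","hits":1,"initiatedType":"AppInitiated","timeStamp":"2024-03-01T10:02:09.000-08:00","type":"networkActivity"}
{"accessor":{"identifier":"com.example.chatapp","identifierType":"bundleID"},"category":"microphone","identifierType":"bundleID","kind":"intervalBegin","timeStamp":"2024-03-01T11:00:00.000-08:00","type":"access"}
{"accessor":{"identifier":"com.example.chatapp","identifierType":"bundleID"},"category":"microphone","identifierType":"bundleID","kind":"intervalEnd","timeStamp":"2024-03-01T11:00:03.000-08:00","type":"access"}
"""


def parse_report(text: str) -> list[dict]:
    """One JSON object per line; blank or malformed lines are skipped."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            records.append(json.loads(line))
        except json.JSONDecodeError:
            continue
    return records


def _ts(value: str) -> datetime:
    # Export timestamps carry a UTC offset, so these are timezone-aware.
    return datetime.fromisoformat(value)


def access_windows(records: list[dict]) -> list[tuple[str, str, datetime, datetime]]:
    """Pair intervalBegin/intervalEnd per (app, category) into (app, category, start, end)."""
    open_starts: dict[tuple[str, str], datetime] = {}
    windows = []
    for r in records:
        if r.get("type") != "access":
            continue
        key = (r["accessor"]["identifier"], r["category"])
        if r.get("kind") == "intervalBegin":
            open_starts[key] = _ts(r["timeStamp"])
        elif r.get("kind") == "intervalEnd" and key in open_starts:
            windows.append((key[0], key[1], open_starts.pop(key), _ts(r["timeStamp"])))
    # An access still open at the end of the export is kept as a zero-length window.
    for (app, category), start in open_starts.items():
        windows.append((app, category, start, start))
    return windows


def summarize_access(windows) -> dict[tuple[str, str], dict]:
    """Count and total seconds of access per (app, category)."""
    summary = defaultdict(lambda: {"count": 0, "seconds": 0.0})
    for app, category, start, end in windows:
        entry = summary[(app, category)]
        entry["count"] += 1
        entry["seconds"] += (end - start).total_seconds()
    return dict(summary)


def network_after_access(records, windows, within: timedelta = timedelta(seconds=60)):
    """Network activity by the same app between an access start and `within` after its end.
    Returns (app, category, domain, seconds after the access began)."""
    hits = []
    for app, category, start, end in windows:
        for r in records:
            if r.get("type") != "networkActivity" or r.get("bundleID") != app:
                continue
            ts = _ts(r["timeStamp"])
            if start <= ts <= end + within:
                hits.append((app, category, r.get("domain", ""), (ts - start).total_seconds()))
    return hits


if __name__ == "__main__":
    recs = parse_report(SAMPLE_REPORT)
    wins = access_windows(recs)
    for key, entry in sorted(summarize_access(wins).items()):
        print(f"{key[0]:28} {key[1]:12} {entry['count']:3}x {entry['seconds']:6.1f}s")
    for hit in network_after_access(recs, wins):
        print("network after access:", hit)
```

Feed it a real export instead of SAMPLE_REPORT and look for categories you did not expect an app to touch at that moment; the correlation is only a prompt for a closer look, since an app talking to its own servers shortly after a photo read is also what a normal upload looks like.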


Thanks for making me aware of this! You're right!


> Considering how easy it is to implement these things without anyone noticing since it's closed source

I see you’ve never heard of Jane Manchun Wong...


I imagine the reputational and potential legal consequences would be fairly severe if this sort of privacy invasion were discovered (either by employee leak or reverse engineering). Seems unlikely Meta would take a risk like this.


Back when deep learning was first hitting "mainstream" for object recognition in images, I recall reading that Facebook was using it to look for brand logos and other signs of using a particular product, in your uploaded photos.

Turns out they were also building a database of everyone's face so they could build shadow profiles...


How did she buy the puzzle to begin with?


> my wife sent me a picture of my daughter working on a puzzle.

> her Instagram was showing ads for a store that was selling the same type of puzzle

How did she take the pic?


I think that's an important question. Did the user take the photo within the app, thereby skipping the camera roll, or did they take the photo, then upload it to WhatsApp from the camera roll? If the latter, then as someone else said, it could be that Instagram had access to the camera roll and decided to serve ads based upon the puzzle.


I have a suspicion as well that this is what they're doing: before the message is encrypted and sent, the app (on your phone) does analysis and picks out keywords relevant for advertising. So they can claim and be technically correct that they are not reading your messages. Although if their algorithm is doing it on your phone, is it... reading?

Or they can say, technically it wasn't a message before it was sent. The dictionary definition[1] even mentions "send".

[1] https://www.oxfordlearnersdictionaries.com/definition/englis...


This is definitely the most likely scenario in my opinion


> Just because the messages might be sent end-to-end encrypted from Sue to Joe does not mean Meta cannot read them.

No, that's precisely what End-to-End encryption means.


It means that for strictly one receiver end-to-end encryption. When it's touted as a feature without explicitly stating that "all messages are sent only E2E encrypted and only to your receiver", we can't assume only the receiver is getting the message; it might be E2E encrypted for all traffic between people using their own keys, and nothing stops Meta from sending a different encrypted payload to their own servers with a key they have access to.

Facebook loves to use newspeak; it wouldn't surprise me if they applied newspeak to what "end-to-end encryption" means.


So it's end-to-end encrypted, but your data is sent to some "ends" you didn't think it would be sent to? Well, if that's not a good reason to end your usage of WhatsApp, then I don't know what is...


Meta own the proprietary code running at either end of the encrypted pipe. Of course they can.


They can decrypt if someone enables backups, so I see no reason they could not read them indeed.

Signal might be the only app unable to read, but even that, I would not trust.


How would you propose Signal -- or any app for that matter that provides end to end encryption -- encrypt the messages in the first place if they don't have access to the plaintext at some point?


End-to-end means that it can't be read in the middle. It does not mean it can't be read by proprietary clients on either end.


Until there are cybernetic implants, the "ends" are the app running on your phones, which they control.

The quandary of what one allows to run on those implants sounds like a chilling sci-fi novel (chilling not because "but FAANG could read your thoughts!" but because people would absolutely still get them installed).


End-to-End is about the networking, not the end points.

https://en.wikipedia.org/wiki/End-to-end_encryption#Endpoint...


That is the technical definition.


So you're nit-picking over the phrasing of the sentence, but should instead focus on the spirit/meaning behind it.

It's illustrated in their example below that if you say you're having a baby, Meta can send some type of distilled ad keywords to its servers (e.g. `[mother, baby]` if it knows the user is a woman based on their name/profile, but probably more sophisticated than that). The message you sent is still technically end-to-end encrypted, though.



Google can in theory read what is on your screen (assuming you use Android) regardless of what app with what encryption you use.


Oh, come on. It's called "end to end" but it isn't. Meta has to read them to provide the service. This is not a new revelation.


I think they are extracting terms. Some of the messages generated ads that were related to a term but not really about the conversation.


> Just because the messages might be sent end-to-end encrypted from Sue to Joe does not mean Meta cannot read them.

I think it does, actually: no one except them can read them. If someone else can, then by definition it's not end-to-end encryption.

From https://www.definitions.net/definition/End-To-End%20Encrypti...

> End-to-end encryption (E2EE) is a system of communication where only the communicating users can read the messages.


The conversations being E2EE does not prevent the app itself from acting on the contents. By definition the app needs to know the contents to display them, but it can also update your ad profile. It doesn't even need to send the whole message to Meta, just the keywords triggered, or a preprocessed vector defining your interests.

E2EE means only that the messages themselves can't be intercepted and read. But if anyone can actually prove FB acting on message contents, I suspect the EU banhammer would be interested.


The application processing the message for the purpose of displaying it is clear.

But if the message is copied, read, analyzed and sent further on behalf of a third party before encryption, then that puts that third party in the middle between the sender and the recipient. A man in the middle directly undermines e2ee: "no one else reads your message".

It doesn't matter if the third party made the messaging app or not. What matters is whether information in your messages is accessible to anyone besides you and the recipient.


E2EE doesn't prevent the app itself from analyzing messages locally and sending updated interest profiles to Meta... which can be a vector of weights or whatever thing they might be using to know what ads to show. If the logic is in the app, the message doesn't leave the app and E2EE is preserved.

This said, analyzing messages for the purpose of ad display is creepy, whatever the way it is done.


E2EE most certainly does exclude analyzing messages anywhere for a third party.

Notice that "ends" in "end-to-end" are users, not applications. When an application forwards things to an entity, then that entity becomes an "end" of the conversation. When it displays a message to the user, the way the user wants, then the user is the end. When it processes the message and delivers results to Facebook, the way Facebook wants it, then the application makes Facebook the "third end".

In such a scenario, Facebook has intercepted the message and just chose to forward only some extracted information (which may or may not be enough to reconstruct the original). This does not match the definition of "end-to-end encryption".


> Notice that "ends" in "end-to-end" are users, not applications.

That's not right. First, it's technically impossible, since users can't do encryption themselves; it's the application that does it. That's where the E2EE boundary is.

Second, we've got E2EE communication between non-user entities as well. There are servers using, for example, ZeroTier which communicate E2EE through other nodes. Third, applications can definitely send the data to other parties automatically. WhatsApp executing backups as configured does not make it not E2EE.


It's not a distinction between pieces of software, it's a distinction between agents, i.e. who the software works for.


WhatsApp can't read the message on their servers, but they can read it at the clients; otherwise they cannot display the messages for users. Likewise, Apple/Google can read them too, because they have to in order to render the text.


This is just redefining terms, then.

We know the app decrypts it to display it. But if the app decrypts it to send it to the parent company, then it is by definition not end to end encrypted anymore.

If the app decrypts it, analyzes it and sends information about the message to the parent company, then the same thing is happening. The parent company is reading the message, INSTEAD of E2E encrypting it. It doesn't matter whether that reading happens on device or on the company's servers. E2E means the company is not reading it.


There was a time when “Unlimited” meant without any limits, but US cell carriers have redefined the term to support their business model.

It’s possible that this data harvesting ad company has redefined what E2E means (to them) to advance their business interests.


> then it is by definition not end to end encrypted anymore.

HTTPS is E2E between the client and the server.


But the problem arises, I think, is when they say they can't read them: "WhatsApp's end-to-end encryption is used when you chat with another person using WhatsApp Messenger. End-to-end encryption ensures only you and the person you're communicating with can read or listen to what is sent, and nobody in between, not even WhatsApp." https://faq.whatsapp.com/general/security-and-privacy/end-to...


> Just because the messages might be sent end-to-end encrypted from Sue to Joe does not mean Meta cannot read them.

So what's the point? Just inconvenience. Better to use Telegram at this point.


…and have no encryption at all? (Unless you manually enable it for a given conversation.)


Telegram has encryption (server-client encryption). WhatsApp may have E2E encryption, but then if it sends conversations or parts of them to Facebook to serve advertising, that's arguably even worse.


Wait, so Telegram, which is known for being able to read all your texts, is worse than WhatsApp where people are speculating that it might read your texts?

Not that I trust WhatsApp (I use Signal) but that's an odd comparison.


You are also speculating that Telegram reads our messages in transit. For sure, unlike WhatsApp, the Telegram client is FOSS (and you can download it from F-Droid).


I'm not speculating at all and I think you're misunderstanding the point I'm trying to make.

First of all, transport security (server-client encryption as you called it) like TLS is irrelevant for this discussion. All major platforms on the internet employ transport security these days, so this is a given.

The point I'm trying to make is that Telegram does not offer E2E encryption by default: (Non-"secret") Messages on Telegram pass through Telegram's servers unencrypted and are also stored there unencrypted, meaning that Telegram has access to all your messages. This is not speculation – Telegram openly admits to this in their FAQ:

https://telegram.org/faq?setln=ru#q-do-i-need-to-trust-teleg...

(See also the link contained therein.)

Meanwhile, the speculations in the present HN discussions aside, WhatsApp does provide E2E encryption, so – from this POV – is orders of magnitude more secure.


My guess is they encrypt the message twice, append it, and split it off at their servers. To anyone observing traffic, it looks like normal encrypted traffic AND they can still, if needed, show that everyone has their own key and can encrypt/decrypt their own messages. I don't think they would be brazen enough to send it to themselves in plain text.
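The Sue/Joe exchange at the top of the thread and the "encrypt twice, split it off at their servers" guess above describe the same threat model, which is worth seeing in code when evaluating an E2EE claim. The Python below is an added illustration, not code from the thread or from any Meta app: an honest client sends one packet readable only with the conversation key, while a hypothetical leaky client sends the identical E2EE packet plus a second one, containing extracted terms, that only the vendor's key opens. The cipher is a deliberately toy SHA-256 counter-mode XOR so the example runs on the standard library alone; it is not a secure construction. The vendor key, `extract_ad_terms` and `AD_VOCABULARY` are assumptions. The defender's takeaway is in `wire_contains`: neither variant shows plaintext on the wire, so traffic analysis cannot tell them apart, and only inspection of the endpoint (code audit, on-device privacy reports) can.

```python
"""Threat-model illustration (added example): the same E2EE message sent by an
honest client and by a client that also ships an encrypted 'interest' digest
to its vendor. Toy cipher only: a SHA-256 counter-mode keystream XORed over
the plaintext. NOT a secure construction. Party names follow the thread; the
vendor key, extract_ad_terms and AD_VOCABULARY are assumptions."""
from __future__ import annotations

import hashlib
import os
from dataclasses import dataclass

# Constructed sample vocabulary standing in for whatever an ad model keys on.
AD_VOCABULARY = {"baby", "puzzle", "wedding"}
NONCE_LEN = 16


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    stream = b""
    counter = 0
    while len(stream) < length:
        stream += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return stream[:length]


def toy_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Returns nonce || ciphertext. Toy construction, illustration only."""
    nonce = os.urandom(NONCE_LEN)
    stream = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ s for p, s in zip(plaintext, stream))


def toy_decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ciphertext = blob[:NONCE_LEN], blob[NONCE_LEN:]
    stream = _keystream(key, nonce, len(ciphertext))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))


@dataclass(frozen=True)
class Packet:
    dest: str    # the party whose key opens the packet
    body: bytes  # opaque ciphertext as seen on the wire


def extract_ad_terms(message: str) -> list[str]:
    """Hypothetical client-side term extraction: vocabulary words found in the text."""
    words = {w.strip(".,!?'\"").lower() for w in message.split()}
    return sorted(words & AD_VOCABULARY)


def honest_client_send(message: str, conv_key: bytes) -> list[Packet]:
    """An honest E2EE client emits one packet, readable only with the conversation key."""
    return [Packet("joe", toy_encrypt(conv_key, message.encode()))]


def leaky_client_send(message: str, conv_key: bytes, vendor_key: bytes) -> list[Packet]:
    """Same E2EE packet to Joe, plus a second packet that only the vendor can open."""
    packets = honest_client_send(message, conv_key)
    terms = extract_ad_terms(message)
    if terms:
        packets.append(Packet("vendor", toy_encrypt(vendor_key, " ".join(terms).encode())))
    return packets


def what_each_party_learns(packets: list[Packet], conv_key: bytes, vendor_key: bytes) -> dict:
    """Joe and the vendor decrypt what they hold a key for; a network observer
    holds no key and learns only packet sizes (both packets reach the same
    server in the thread's scenario, so destination does not help either)."""
    learned: dict = {"joe": None, "vendor": None, "observer": []}
    for p in packets:
        learned["observer"].append(len(p.body))
        if p.dest == "joe":
            learned["joe"] = toy_decrypt(conv_key, p.body).decode()
        elif p.dest == "vendor":
            learned["vendor"] = toy_decrypt(vendor_key, p.body).decode()
    return learned


def wire_contains(packets: list[Packet], needle: str) -> bool:
    """The traffic-analysis check: does any packet carry the text in the clear?"""
    return any(needle.encode() in p.body for p in packets)


if __name__ == "__main__":
    conv_key, vendor_key = os.urandom(32), os.urandom(32)
    msg = "Hello Joe, I'm so excited! We are going to have a baby!"
    for name, packets in (("honest", honest_client_send(msg, conv_key)),
                          ("leaky", leaky_client_send(msg, conv_key, vendor_key))):
        print(name, what_each_party_learns(packets, conv_key, vendor_key),
              "plaintext on wire:", wire_contains(packets, "baby"))
```

Run as is to see both variants side by side: Joe reads the full message in both cases, the vendor learns "baby" only from the leaky client, and `wire_contains` is False for both, which is exactly why the comment above says an observer would see "normal encrypted traffic".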


In principle yes, in practice no, as this is a statement from the WhatsApp website:

> We limit the information we share with Meta in important ways. For example, we will always protect your personal conversations with end-to-end encryption, so that neither WhatsApp nor Meta can see these private messages.


That statement was worded carefully.

They are saying they don’t store or forward your message text, not that your phone doesn’t send them topics of interest.


Exactly. Zuckerberg cannot directly read your convo, but the app itself writing down a few keywords of interest and sending them back to Facebook/WhatsApp is not out of the question. And that amount of traffic is so tiny and could be so easily mixed in with everything else...


Do you really trust TOS like that, though?

Assuming they're not blatantly violating the policy (which I think they've done before), it's pretty easy to weasel out of that statement by only sharing keywords from the conversation, or only sharing the info with advertisers (but not WhatsApp and Meta), or redefining what a "personal conversation" is, or carefully redefining what "end-to-end encryption" means, or ...

There's no transparency, a huge power imbalance, and terrific pressure on WhatsApp/Meta to monetize as much as possible.


Yup, I think it's just some form of analytics that profiles the user.

I've always suspected them of recording conversations, which is also why I think Android has gradually tightened permissions and visibility around speech-to-text/microphone/camera use.


That’s of course because WhatsApp's privacy policy isn’t applicable in the Metaverse.

Looking at this from a reality perspective is not very helpful.


Meta->Joe: “Focus on yourself bro”



