
Facebook Plans on Backdooring WhatsApp? - anilgulecha
https://www.schneier.com/blog/archives/2019/08/facebook_plans_.html
======
wcathcart
We haven't added a backdoor to WhatsApp. The Forbes contributor referred to a
technical talk about client side AI in general to conclude that we might do
client side scanning of content on WhatsApp for anti-abuse purposes.

To be crystal clear, we have not done this, have zero plans to do so, and if
we ever did it would be quite obvious and detectable that we had done it. We
understand the serious concerns this type of approach would raise which is why
we are opposed to it.

~~~
aorth
Sadly it boils down to "trust us" (or really, trust wcathcart), which is a
position users have been betrayed in countless times over the past decades
(and Facebook has a horrible reputation for user privacy). Compare that with
Signal—or any other application with an open-source client—where we can
inspect the source code and compile our own client.

~~~
dwild
> Sadly it boils down to "trust us"

If this is done client side, it doesn't boils down to that. You can easily
decompile and see for yourself what it does. You will gain quite a bit of
notoriety if you are the first one to catch them too.

As he said:

> if we ever did it would be quite obvious and detectable that we had done it.

~~~
inimino
> You [can] decompile and see for yourself what it does.

Assuming your device allows you to get the binary. Apple is already in a
position to disallow this if they choose to in the future.

~~~
dwild
> Assuming your device allows you to get the binary. Apple is already in a
> position to disallow this if they choose to in the future.

Theses kinds of thing never stopped anyone. Being the first to share a hash of
a system file in a console is always an achievement that many hackers tend
race to do when a new one is released.

For sure the harder it is, the less person will do it, thus the more theses
things will be able to go under the radar, but for now it's not so much an
issue.

~~~
inimino
For now. Until you need a tunnelling electron microscope to maintain the
fiction that you still own the hardware.

------
OrwellianChild
This article cites a Forbes contributor (Kalev Leetaru) whose articles are
endlessly self-cited with no outside sourcing. Can anyone confirm that any of
this is actually real? I got 3 layers deep and could find nothing of
substance.

~~~
Skunkleton
Does it really matter? We already know that these companies are willing to
collaborate with intelligence services. We already know that Facebook is
hoovering up your data. We know Jan Koum already left Facebook over privacy
issues. Maybe the article is click bait trash, maybe it isn't, but we should
assume that whatsapp isn't secure.

~~~
root_axis
Does it matter if things are true or made up? Yes.

~~~
fragmede
Unfortunately, it's likely we'll never get a rigorous proof of malfeasance.
Thus do you go with WhatsApp as a homosexual in Russia or Iran, or as
protestor in Hong Kong against the Chinese government, given that Facebook has
given us plenty of reasons to distrust them?

~~~
root_axis
I'm not saying to trust Facebook. I think it is wise not to trust them. Just
because I don't trust Facebook doesn't mean that I should assume by default
that every allegation against Facebook is true.

------
anilgulecha
This shows the downside of network-effects so succinctly. It's almost hopeless
to think people will realistically move to a technically superior alternative
without this privacy hole.

~~~
_bxg1
The nice thing about direct-chat apps is that the network effect isn't nearly
as strong as for traditional social networks. If you want to use X to talk
with someone, you can just download it and then talk with that person. You
don't have to get everyone to switch at once. You'll have more little app
icons on your phone but that's about the extent of the cost.

~~~
asark
Probably 95+% of all my sent or received Whatsapp messages are for groups. If
I don't get _most_ of the people I communicate with to switch to another (the
same!) messenger, it's pretty inconvenient.

It doesn't help that, last I checked, the good (open) alternatives were all
much jankier or missing one or more major features we use. Makes them hard to
sell. :-/

~~~
skyyler
Curious, what features is Telegram missing for you?

~~~
hermanradtke
Default end to end encryption.

~~~
tripzilch
They were talking about group chats.

------
hudga
"source is based on overdrawn conclusions from a speculative article. The
linked Forbes (F1) article goes to another Forbes article (F2), which links to
the Developer talk. F2 is a speculative article based on the Facebook talk..."

References:

[1]
[https://www.schneier.com/blog/archives/2019/08/facebook_plan...](https://www.schneier.com/blog/archives/2019/08/facebook_plans_.html#c6796641)

[2]
[https://www.reddit.com/r/privacy/comments/ckrmjg/facebook_pl...](https://www.reddit.com/r/privacy/comments/ckrmjg/facebook_plans_on_backdooring_whatsapp/evqfez3)

------
rando444
Personally I've felt this has been in the works for some time.

If you look closely at how the founders exited facebook, and what was said at
the time, it seemed (to me at least) that they left over exactly this.

I mean, that aside, can you really come up with many other operational
arguments that would result in people walking a way from hundreds of millions
of dollars? (or by some estimates leaving over a billion dollars on the table
between the two of them)

~~~
Calvin02
Confirmation bias is bad when others have it, but not when HN readers have it.

You haven't bothered to read the source, haven't bothered to understand what
the context is, and haven't even bothered to see that there is no mention of
WhatsApp in the talk.

Ducking tired of click bait and people who ducking reward it.

:face-palm:

~~~
michaelmrose
You can in fact say _fuck_ if you want to. There are lots of offensive things
said in pleasant tones in polite society. Bad language barely moves the needle
so give me an F...

~~~
ghostpepper
Yeah, changing it to _ducking_ actually shifts the reader's focus from "Wow
this person feels very strongly about this issue" to trying to decide what the
tone is meant to convey.

It took my brain a few tries to parse the word duck in this context.

------
a3n
> why does AT&T care about content moderation -- but it is something to watch?

"Content moderation" is just another kind of surveillance. You have to have
been watching -- surveilling -- in order to moderate.

AT&T already has capital and people invested in surveillance.
[https://en.wikipedia.org/wiki/Room_641A](https://en.wikipedia.org/wiki/Room_641A)

~~~
entropea
Content moderation is also censorship. You typically use E2E to avoid
censorship and surveillance. Facebook wants to mold thought and opinion, it is
the ultimate control over society.

------
davesmith1983
There is new pressure in the UK to backdoor encryption and their target is
facebook / whatapp.

[https://www.theregister.co.uk/2019/07/31/home_sec_priti_pate...](https://www.theregister.co.uk/2019/07/31/home_sec_priti_patel_five_eyes_encryption_controversy/)

So I am not surprised.

------
JTbane
I never understood government overreach like this. Any developer can clone an
open source crypto implementation and spin up a new chat app. It is
ridiculously stupid to backdoor things.

Unless the government plans to go back to the 80s, in which cryptography is
heavily restricted from export, this doesn't accomplish anything.

~~~
gnode
> Any developer can clone an open source crypto implementation and spin up a
> new chat app.

And they can use it to converse only with themselves. Getting everyone else to
stop using their favourite panopticon is the hard part.

~~~
kenshaw
I disagree, and history does not show this to be true. We have been more
fickle when it comes to instant messengers than almost any other technology on
the face of the planet (pun intended). From IRC, ICQ, AIM, Facebook messages
on the website (not Messenger), WhatsApp, Telegram. I count 6 major shifts in
the last 19 years. This would indicate that the over/under lifespan of a
messenger is roughly 3.5 years.

All it takes is a usable interface, general availability, and a reason to
change. If WhatsApp starts doing content moderation, of any form on the
client, I am of the strong opinion that users will find this to be "creepy"
and will immediately start shifting. As it is, all of my technical contacts
have already left WhatsApp for Telegram. Since that group/audience has been
the bellwether for all of the previous instant messaging client shifts over
the last 2 decades, I imagine it's only time before "everyone else" also
shifts off WhatsApp. I don't necessarily think it will be Telegram, but they
definitely have the most momentum today when compared to, eg, Line, Zalo,
Viber, Kik, et al.

------
EGreg
That’s the point!

We have to TRUST WhatsApp, Telegram, Signal, et al because there are no good
OPEN SOURCE alternatives. Otherwise we could just run our own.

We have to TRUST the current PKI and DNS because the alternatives are still
immature.

But EVEN IF we develop robust and mature alternatives, and wide adoption, we
have to TRUST the Device, OS and Browser makers.

The Trusted Computing Base is made by a handful or companies. Open source in
hardware is still a nascent field.

It’s interesting if one can ever be truly sure that some part or chip hasn’t
been interdicted. Apple tries to scan components as they arrive vs their
hardware designs.

But hardware will always be the weak link. Keyloggers. Cameras watching your
fingers from the ceiling.

The future of surveillance is in this kind of stuff. We will ALMOST have
secure communications, but not really. The only thing you can be sure of is
sending quantum entangled particles from airgapped rooms.

~~~
pmlnr
> there are no good OPEN SOURCE alternatives

Yes, there are. There has been for many years. Matrix or XMPP with OMEMO.

------
maximente
my (albeit faint) hope is that this leads some ambitious (EU?) organization to
spin this as a US tech/corporate/power overreach angle, starts heavily
promoting Signal as an alternative, various security conscious orgs/govts buy
in, leading to big Signal popularity boost

... hopefully

~~~
mschuster91
Forget this one, EU politicians, especially our German Interior Minister
Seehofer, hate proper e2e with a passion - they want to weaken the 5g
standards so that they can continue IMSI catching and snooping.

Fuck them hard.

------
flingo
Speaking of whatsapp.

Does anyone else think it's weird that it requires access to your camera roll
to view images, access to your camera to use the web version, and access to
your contacts to start group chats? (on android anyway)

Aside from the webapp QR-code thing, none of that is technically necessary.

------
apoph3nia
_INSERT Blake screaming at Alan and MacLeod in Highlander II: The Quickening_

"Please don't bother, Alan. Every time you turn that thing on it just gets
printed out in my office. And yes, yes, yes, yes, yes, yes, yes' yes, that
includes your little computer"

------
tetraca
I thought they already did this in Egypt and perhaps one or two other
countries long, long ago.

~~~
tripzilch
Yes I remember that! It was developed in a joint venture between Nokia and
Siemens. People got tortured because of that infrastructure. So, Nokia/Siemens
said in a press release, "gosh we didn't know Egypt and Iran would do that if
we would help them violate human rights now we are sorry" and fuck them both.

~~~
tetraca
Indeed. And if they're willing to backdoor a regime like that then why could
we ever trust them not to backdoor everywhere else?

~~~
tripzilch
Well, they both made a press statement, saying that they wouldn't!

------
starsinspace
Yes, Facebook, do that. Will make it so much easier to convince more friends
to switch to Signal :-)

------
codesushi42
Facebook has never cared about your privacy. E2E encryption should be a
requirement for any communications app. Not a half truth.

I hope people begin to take notice.

~~~
AWildC182
And open source allowing for independent verification. We have tons of good
open source apps like Signal and Matrix, why would we ever need one controlled
by facebook of all companies?

~~~
ac29
> why would we ever need one controlled by facebook of all companies?

The value of WhatsApp is not that its technically better than Signal or
Matrix, the value is that there are 1B+ users.

------
apoph3nia
> _The encryption . . . debate is already over – Facebook ended it earlier
> this year.

[...]

After all, if either user’s device is compromised, unbreakable encryption is
of little relevance.

[...]

The problem is that if Facebook’s model succeeds, it will only be a matter of
time before device manufacturers and mobile operating system developers embed
similar tools directly into devices themselves, making them impossible to
escape. . . . effectively ending the era of encrypted communications._

I guess FB is one of the more visibly monstrous instances of surveillance
capitalism so it works well as an example, but I don't understand why the
author is acting as if what it allegedly aims to do is unprecedented. As if
similar phenomena hadn't already been happening surreptitiously throughout
various other hardware/software for quite a long time.

------
throwaway3627
Use Signal. The. End.

~~~
jdofaz
I like [https://wire.com/](https://wire.com/)

~~~
newscracker
Unpopular opinions ahead. I like Telegram and Wire, with Telegram far ahead in
features. Once I get people to use Telegram and describe how it's different
and better than WhatsApp (except default E2E), they realize that it is indeed
nicer, and want to reduce using WhatsApp.

Wire is fine (not as good as or fast as Telegram), but the company seems to be
focused on paying customers to increase revenues. So free customers hardly get
any support or responses from support (the auto-replies from Wire support
state this priority). I like that Wire is by default E2E _and_ syncs
conversations across devices and platforms!

I've been waiting to recommend Signal to others for at least three or four
years now. But it's 2019, and Signal is still bad in UX and messaging
reliability (not to mention one still can't migrate conversations to another
device on iOS).

~~~
aitchnyu
Somehow Telegram shows normal chats as notifications but if its an encrypted
chat, it shows a "You received a message". Seems they are hostile to e2e.

~~~
Stubb
No, they just don't want to leak the message contents to your notification
screen.

------
rasz
JACK: “No. It’s unconstitutional. You can’t make your own currency. That is
the federal government’s job.

PRICE: Jack. Look at me. I am not the problem here. The problem is that hard
cash is fading. Rapidly. That’s just the way of the world right now. And
Bitcoin is spreading — and if Bitcoin takes over we are all in a world of
hell. It is unregulated. It has already reached its transaction volume maximum
and it is partly controlled by Chinese miners.

With E-Coin we control the ledger and the mining servers — we are the
authority. _I will make sure that you will have visibility into every single
wallet that’s opened: every loan, every transaction_. Which means we can start
making new assets. Which means we can start rebuilding the banking sector
without you having to inject even more politically unpalatable federal funds
into it.

JACK: The President will laugh in my face.

PRICE: But he will know that this is the right thing to do. This is going to
be controlled by a good old-fashioned American company. You want to regulate
it? Be my guest. _Regulate the shit out of it. I’ll give you backdoors, side-
doors, trace — whatever you want_. Just don’t. Shut it. Down.

~~~
colpabar
This is the first thing I thought of when I learned about Libra. It's
_terrifying_.

------
mtgx
I just don't buy that Facebook will only limit itself to what it tells us
publicly that it will do.

Facebook has recently talked about merging Messenger, WhatsApp, and Instagram
chat into one while "also keeping end-to-end encryption."

Why would Facebook cuts its own access to all the data ming it was getting
with the Messenger and Instagram chat? It wouldn't, unless it uses "faux" e2e
encryption. Besides, Facebook currently allows advertisers to send ads
Messenger users. How would those ads be managed by FB's servers, if the
encryption is truly end-to-end between the sender and the receiver?

Also, this "new encryption system" is exactly what the founders of WhatsApp
left:

[https://www.nytimes.com/2018/04/30/technology/whatsapp-
faceb...](https://www.nytimes.com/2018/04/30/technology/whatsapp-facebook-jan-
koum.html)

~~~
OrwellianChild
My understanding of FB's plan to E2E encrypt everything is that it would be
done to dodge responsibility for content moderation. If it can't see what's
being discussed, it can't be held responsible for reigning in hate speech,
misinformation, etc.

~~~
entropea
Who defines what is hate speech and what is misinformation though? We're in
post truth where I don't even think the "good actors" are acting truthfully.

