"WhatsApp is going to share your phone number with Facebook": https://news.ycombinator.com/item?id=12358751
"Looking ahead for WhatsApp": https://news.ycombinator.com/item?id=12358205
Normally we'd merge the threads, but the discussions are large and come from three different perspectives, so that might not be best. HN practice is to have one front-page thread at a time about a story, but if you're concerned about the topic you might want to check in on the other discussions.
The 'share information with Facebook' nugget is hidden behind a toggle at the bottom of the screen, and will be guaranteed to be missed by the 99% of users who just want to talk to their friends.
Then, once you've agreed to the terms and conditions, you've got a completely arbitrary 30 days to read an online article which tells you what you've signed up for before WhatsApp is irrevocably sharing your data with Facebook.
You can build an incredibly accurate picture of people's lives from metadata alone - WhatsApp know it and Facebook know it.
Not only that - when WhatsApp start building out these 'brand' relationships which will look a lot like helpful information at first - you'll be loading your data into that brand's custom FB audience too. And you won't have an opt out because, y'know, reasons.
This is very obviously not the WhatsApp that promised not to fuck with its users when Facebook bought it out.
Chances are, doing this will get you kicked off Facebook and deleted pretty quickly. And if it doesn't, you've just fucked with not just Facebook, but all their advertisers. GIGO.
If FB does not block/delete your account, it will be non-stop hilarity for your friends, who will probably share the pics too and maybe some of them will actually pause and think. If they do delete your account, you are now mostly free from their clutches without unnecessarily defacing your own profile.
Someone please write this script and put it on GitHub. :-)
If Facebook does this with the data of an EU resident, they are breaking the law. The Irish Data Protection Commissioner has audited Facebook and found that their deletion of user data was in compliance.
See Microsoft's Tay: http://gizmodo.com/here-are-the-microsoft-twitter-bot-s-craz...
So you can use Google itself to find words which are obviously not well known (just construct a dictionary filled with random characters and see how many results come back for each word). Take a passage of clean text, and randomly replace the nouns in the text with these garbage words (capitalize the first character), and post it to your social network. The surrounding text will provide legitimacy, but the garbage words will probably throw off the algorithms. Do it often enough, and someone at Google will probably investigate the issue :-)
Or maybe go and get public domain text which has a lot of words which are not in use today and fill up your FB/Google/Twitter feeds with such data. My view is that such data will very likely throw off the existing algorithms, and if people do it at sufficient scale, we may discover that ML algorithms are only as smart as the training data set.
It used to be more difficult: I remember following the process you're describing for some other account I had. It might still be that difficult in some cases, I don't know.
I suspect that you'd be familiar with LinkedIn dark patterns  too.
Not just that, but even if your number is not shared with Facebook, but Facebook knows that ten of your friends all contact you three times a week, you're still in the graph even if you're not personally receiving advertising.
Of course, it's not simple.
Additional measure might include using browser extensions like Ghostery, uBlock origin.
I know people find it hard to do, but avoid using Google search. Use Duckduckgo instead.
Block ads. Some sites refuse to load up for that reason. I'm ok giving those a pass :)
The problem with Facebook's usefulness isn't that I find it useful, it's that everyone else in my circle finds it useful. This means that any event, major life change like marital engagements and announcements of expectancy or child birth, and general updates of wellbeing from my elderly family are all communicated via Facebook. For example, a friend of mine from high school recently had a child. I had not logged into Facebook for over a year, and suddenly found myself embarrassed for my lack of keeping up with her when I ran into her at the grocery store while she was chasing down a toddler who had escaped down an aisle. I did not have the slightest clue as to her family status, because I stopped logging into Facebook to receive those updates and she stopped going out to parties and bars where we normally would run into each other (to avoid drinking and cigarette smoking), and it just appeared like we drifted apart.
Even now, some friends of mine are planning a trip together, and it's entirely done within a closed group on Facebook. There is no way for me to participate in this trip without maintaining some status on Facebook, else my significant other will have to just relay all that information, which is tiring, and prone to the "telephone" effect.
And that's life. Perhaps you weren't that close enough anyway to find about the child. And that's life too.
The notion of "being connected" with all the people you knew is is similar then the "I need to be happy, if not something is wrong with me" and got introduced with modern social media (particularly Facebook).
If you have already hard time building very durable friendships and are sort of hang-around member of your social circles, the social media -- if you refuse to use it -- does not exactly make your life easier.
I guess it's a matter of personal preference, I rather have 3 good connections then 10 (not to mention 100, which is ridiculous) shallow ones and when we randomly see each other, there's no "guilt" looming around the meeting.
IMHO this coincides with two recent HN posts about accepting mediocrity  and stopping to eternally seek happiness .
It's like opting out of electricity - pretty theoretical. So we regulate it so it doesn't f. us over too badly. This is what needs to happen here.
We don't need Gmail. We could have Freedom Boxes to host and send our mail instead (and filter whatever spam gets out our infected Windows machines). Right now we can't because of the spam filtering policies of most big players, but if everyone have a Freedom Box that's no longer an issue.
Likewise we don't need Facebook, though since I don't use it unless coerced to I don't know what a replacement should look like.
We don't need Twitter.
We don't need YouTube. Or at least we won't need it when our broadband finally get freaking symmetric as it always should have —not happening any time soon despite making absolute sense on the fibre. Then we could just upload our videos from our Freedom Box with a peer-to-peer protocol.
We don't need Dropbox. Distributed backup is a thing, and keeping those backups secure is easy —except for the master passphrase, but you can at least write it down if you're afraid of forgetting it.
Search engines… well, we don't know how to decentralise them yet. The rest is a solved problem: we only to get the logistics and usability straight –a rather daunting task unfortunately.
How would your "normal" mail client filter out the messages that are for this app? People have lots of different mail clients which they might not be able (or willing) to configure. Or would you expect a dedicated address.
I recently opened an account on Diaspora using the sechat.org pod. It has been a fun experience so far. The network effects mean that moving your friends over to it will be another matter. But it has been fun to use.
also, it's email. yes, it's highly insufficient
There is not, and has never been, an inalienable right to use somebody else's property (aka Facebook's network) to communicate. You are not entitled to coerce Facebook into building their product to work the way you want. On the contrary, it's Facebook's right, as the owner and creator of their platform and network, to handle all of the network traffic that you are voluntarily sending them however they want.
There are more communication methods available today than ever before. If a person you are trying to contact has stubbornly refused to use all of them except Facebook, that is not Facebook's problem, and it doesn't make them obligated to you in any way whatsoever.
If you don't like it then send an email, send a text message, call them, write them a letter, visit them, hire a courier, fax them, use another social network, etc.
> "If you don't like it then use X or Y"
If you are not aware that a service you're using is spying on you how are you supposed to know you don't like it in the first place? The cynical answer is that you can just expect them all to spy on you by default. Well if that's the case then we are getting back to the debate about privacy being an inalienable right.
Fuck facebook a thousand times over.
Facebook had a leak ~3 years ago that showed it: http://www.zdnet.com/article/anger-mounts-after-facebooks-sh... but there have been darker efforts to do this since at least 2006 or so that I've found.
For a long time people where saying that ads/tracking is good because nobody is willing to pay for software/service/social media. Well users were paying for whatsapp. There was no need to sell it to facebook, nor there was a need for facebook to use these dark patterns with whatsapp.
Regulation should be an exception. Free markets work pretty well in practice.
Facebook needs to recover it's investment in WhatsApp. No?
Since Faceook is using cookies and is able to read your data from other websites than FB alone, can you please fix your sentence to read this:
> if you don't want your personal information to be shared, don't use internet. period.
Sure, you can still e-mail, call, sms or heck, even visit your friends and family IRL. But not having a social media account sure makes it more inconvenient. All your friends use these networks.
In a couple of years not having a social media account will be seen as equivalent to not having a bank account, or a passport, or a phone number. Sure, it's possible to live like that. But it sure is inconvenient.
Aside from that, as others have mentioned in this thread, even if you don't have an account Facebook, Google, LinkedIn, etc. have your data already. You can be sure one of your friends has uploaded their contacts to WhatsApp, including your phone number and mail address. Facebook has detected your face in a photograph your cousin uploaded. Google has all of your self-hosted mails because all of your friends use Gmail.
If you don't want your personal information to be shared, you need to live like a hermit.
* You have to enter a credit card number to begin the 'free trial', for a 'seamless experience' (ie. so we can bill you if you forget to cancel).
* You have to cancel your free trial 1 day or more before the end of the trial period to avoid being billed for the next month (at least I hope it's "1 day or more" and not "exactly 1 day"... the exact wording is "If you wish to avoid being charged for your free trial, you must cancel the trial one day prior to the auto-renewal.")
* You can't then delete your payment method at the same time, and must remember to do so after the end of the billing cycle.
Or as former Director of the National Security Agency, Principal Deputy Director of National Intelligence, and Director of the Central Intelligence Agency., Gen. Michael Hayden, said :
"We kill people based on metadata"
Exactly my point, when whatsapp was bought, they said all these things, that whatsapp doesn't sell out customer information, that whatsapp will never have calling facility because they want to focus on texting alone.
I think they should remove the "why we do not sell ads" too, there is no point in this two faced behaviour.
The NSA knows it too
The worst part is that WhatsApp is actually based on Jabber >:(
Can anybody recommend XMPP servers? I know duckduckgo has an XMPP service up and running, but I can't seem to find any relevant API documentation. All I found was this , which doesn't go into details about encryption settings and isn't very useful for programmatic interaction.
Extensions that implement server-side XEPs are really easy to add on as well. Just git pull the community XEP repo and then add a line to the ini and you can add more superpowers. I have it on a cheap VPS. I'm using conversations with it and it has been mostly flawless. Now I just need a good linux application that understands OMEMO. There's a Gajim hack, but it's kind of messy.
(Maybe I should look into running my own server...)
¹ — https://github.com/siacs/Conversations
² — https://f-droid.org/repository/browse/?fdid=eu.siacs.convers...
³ — https://en.wikipedia.org/wiki/F-Droid
Never took off in developed world but I strangely got plenty of users in Iran & middle east
However, clearly people prefer to use other systems, such as Whatsapp. They offered something different (and simple) enough that it enticed people to use it, and so they have the users. It would appear that people just don't care enough about interoperability to switch to something else.
IRC is still alive, at least.
I'm missing something here; why is this a bad thing?
My point is that being based on XMPP is still a good thing, regardless of whether they federate or not.
Can you connect with third party clients? Can they federate? Are they contributing to the protocol? No.
So what's good about it?
E.g. it benefits you that Google uses TCP internally, even if you can't get on their network? Why? Because they've submitted patches to Linux to make it work better.
But they didn't modify TCP to prevent interoperability did they?
Maybe someone outside Google gains nothing, but presumably their engineers will spend less time reinvesting the wheel, which is a net gain for humanity in less time wasted.
Well, bad news then: They never federated and they modified their implementation of XMPP to the point of third party clients not being able to connect.
in the early days both worked with external clients/servers too.
'The Facebook family of companies will still receive and use this information for other purposes such as improving infrastructure and delivery systems, understanding how our services or theirs are used, securing systems, and fighting spam, abuse, or infringement activities.'
Device & app history
retrieve running apps
find accounts on the device
add or remove accounts
read your own contact card
read calendar events plus confidential information
add or modify calendar events and send email to guests without owners' knowledge
find accounts on the device
read your contacts
modify your contacts
approximate location (network-based)
precise location (GPS and network-based)
read your text messages (SMS or MMS)
directly call phone numbers
read call log
read phone status and identity
write call log
read the contents of your USB storage
modify or delete the contents of your USB storage
read the contents of your USB storage
modify or delete the contents of your USB storage
take pictures and videos
Wi-Fi connection information
view Wi-Fi connections
Device ID & call information
read phone status and identity
download files without notification
adjust your wallpaper size
receive data from Internet
view network connections
create accounts and set passwords
read battery statistics
send sticky broadcast
change network connectivity
connect and disconnect from Wi-Fi
expand/collapse status bar
full network access
change your audio settings
read sync settings
run at startup
reorder running apps
draw over other apps
prevent device from sleeping
toggle sync on and off
read Google service configuration
Quote from the announcement (https://blog.whatsapp.com/499/Facebook):
> And you can still count on absolutely no ads interrupting your communication. There would have been no partnership between our two companies if we had to compromise on the core principles that will always define our company, our vision and our product.
Today's announcement (http://www.bbc.co.uk/news/technology-37184651):
Facebook has used their market dominance to restrict competition so we can't avoid advertising. I'm not normally one to get angry and start waving pitchforks, but for me, this is clearly an abuse of their monopoly.
1. Sharing data
We never share your data with anyone. No.
Just use Signal Messager.
(Also, does Telegram have a version without Google Play Services?)
Correct me if I'm wrong, but I don't think that Signal supports this feature
Moxie Marlinspike asserts that federation needs standardization and that standardization inhibits changes. He also asserts that protocols have to change to keep up with changing requirements. His unspoken assumption is that it is impossible to create real-world forward-compatible protocols.
While I agree with the first assertion, I strongly disagree on the latter two. Consider that protocols and data formats that do not have to change exist. An encoding like UTF-8 will probably never have to change to keep up with new codepoints. Also consider that forward-compatible protocols and data formats exist. HTTP seems to be a very good example for that.
I believe with enough traction, we could get hedge funds to give money while shorting the publicly traded companies that operate walled-garden networks.
N.B. I read your link when it was written originally, and have not taken the time to go at the issues raised point-for-point, but I'd like to see more efforts made in the direction I mentioned above.
Edit: The protocol has to have federation built-in from the beginning, and the ability of any server to granularly discriminate against any given TLD at their operator's discretion.
Which is a legal right in the EU (and even allows you to reverse engineer proprietary code for the purpose of writing your own system that interoperates with a proprietary one), so this is very sketchy.
Moxie seems like a Google-employee.
Just use XMPP.
(^) Granted, moxie can be considered a crypto expert, and the design got some public auditing.
A novel crypto algorithm someone puts up on GitHub is "home-brewed." The Axolotl algorithm can no longer fairly be described as "home-brewed."
The Guardian Project writes a bunch of nice software https://en.wikipedia.org/wiki/The_Guardian_Project_(software...
It’s actually usable, supports a lot more encryption methods, is more up to date, and actually looks okay.
That sounds like an anti-feature.
At the end of the day, all these guys get enough users and then the users are just too tied to the platform to make an easy move.
Just to say this didn't happen with Telegram. Recovered everything smoothly with no errors.
The moment you switch phones, all the data is lost, because they do not have it in the cloud! This is the reason your phone needs to be connected to Internet when using whatsapp web or whatsapp desktop, because they literally stream your data i.e. chats from phone to desktop!
Telegram is a cloud messenger, data is stored in the cloud and loaded everytime in your devices, ironically this makes whatsapp better than telegram :D at least before facebook bought it.
Whatsapp never stores the chat history anywhere. All conversations are encrypted end to end.
It says on the Nokia C3 version of the app that Whatsapp won't support that device next year, possibly because of that.
I didn't say you can't, I said Whatsapp doesn't store it. I meant to say that it won't automatically backup and restore your stuff when you change phones.
You have to backup the data yourself in an sd card or a cloud service that you choose. It isn't stored in Facebook's servers.
But you're right. At times I've had to search for information because I didn't remember which communication tool we used.
By the way, if you're using a Mac you might like 'Franz': http://meetfranz.com/
Live / phone call style voice messages no.
What Telegram should do to earn the trust of the technical community (specifically, the security savvy people who criticize it for unorthodox encryption methodologies), is contract a real audit from a leading security firm that specializes in cryptanalysis, like Riscure.
Suggestions like this do nothing to dispell the image that modern security firms are little more than a protection racket. If you don't pay for "an audit" from an "industry leading" firm, you'll be shunned by everyone.
Otherwise, you're just making claims that are unbacked by anything. Presumably only the fact that there hasn't, yet, been a public exploit. But that's not a useful metric.
At the end of the day, for many nerds looking at these two pieces of software and their developers-- Moxie comes out looking a lot more serious about privacy and more experienced with crypto than Nikolai and Pavel. To say nothing of Telegrams closed source cloud app model, questionable financing strategy or debatable ties to the Russian intelligence apparatus.
Soo you counter FUD with FUD. Great strategy!
The Telegram devs more or less said "f*ck you, we are programming world champions and PhDs".
Then, about 6 months after they were all cocky, a russian guy showed that the telegram server could mitm every secret chat by providing the client with shitty entropy. Either it was a back door, or the telegram devs showed that everyone else was right.
Don't use it for the crypto. If that is what you want, use something else.
Basically, it's about the cash. Signal's business model is to convince everyone that their protocol is the only secure one and charge everyone to licence it. If that means promoting non-E2E services that store and mine chat history, that's fine so long as they pay up.
The protocol is publicly described. They've blogged about it. I can imagine people being able to reconstruct it from memory.
The first Google result for "signal protocol license" is https://whispersystems.org/blog/license-update/ , clarifying that it's under GPLv3 (i.e., patent grant) with an exception for the App Store. Has anyone paid money to license the protocol? Has Signal asked for money? Is it even possible to give them money for the protocol?
This is basically why Google could be sued by Oracle, because Dalvik and their class library based on Apache Harmony were not a fork of OpenJDK.
Of course I cannot speak for Signal's protocol. Maybe it has no traps. I'm just commenting on that license. It's a strong license that makes some demands: good fit open source but bad for Google.
Which brings me back to the original question—why do we think that OWS's pushing of Signal Protocol is about money? Yes, I expect that for Allo they got paid by Google to write and maintain some code. But I don't think that their general claim "Signal Protocol is good crypto for everyone solving this problem" is motivated by money, because so many people solving this problem could use the GPLv3 version.
As Allo is not GPLv3, they obviously got it under another license.
(And it's not so obvious to me. The thing I linked is licensed under GPLv3 + MPL if used on the App Store. You can totally ship an Android app that runs a separate GPLv3 subprocess, and an iOS app that uses it under the terms of the MPL. The GPLv3-subprocess thing is what JuiceSSH does for running Mosh.)
Q: So how do you encrypt data?
We support two layers of secure encryption. Server-client encryption is used in Cloud Chats (private and group chats), Secret Chats use an additional layer of client-client encryption. All data, regardless of type, is encrypted in the same way — be it text, media or files.
Our encryption is based on 256-bit symmetric AES encryption, RSA 2048 encryption, and Diffie–Hellman secure key exchange. You can find more info in the Advanced FAQ.
Wire  (which I discovered a few months ago) is a platform that has end-to-end encryption, multi-platform support and multi-device sync. It also has text chats, voice calls, video calls, doodling, etc. The UX still needs a lot of improvement (compared to Telegram).
Seems to me though that if you're willing to use telegram you might as well just use iMessage or What's App though?
Not necessarily. Wire has shown that a Telegram like UX is possible with end-to-end encryption, multi-device sync and multi-platform support. It's just that Wire and Signal are slow in catching up and seem like they need a slightly larger team and/or better management of the development.
> didn't know things were that much better in the Telegram world.
I keep trying any new messaging platform like this, especially if it promises privacy and better security. So I'd recommend you try Telegram and see for yourself what it provides. I'm heavily impressed by what it offers and use it as my primary messaging client, but don't like the crypto and the fact that normal chats are not end-to-end encrypted.
> Seems to me though that if you're willing to use telegram you might as well just use iMessage or What's App though?
That depends on which company one is more comfortable with on the privacy front. I don't consider iMessage to be equivalent to Telegram in features or UX (it's actually inferior and has issues with handling SMS as a backup option). WhatsApp being connected to Facebook is a no-no from the privacy point of view.
To clarify not that it's a fundamental tradeoff that you can't have end to end encryption with good UX, but that the current choice between Signal and Telegram is a choice between security (Signal) and UX (Telegram).
From everything I've read you'd probably be better off trusting iMessage or WhatsApp over Telegram.
And on push notifications, the app only receives a signal that there's fresh content to be requested. There shouldn't be any metadata leaked. Source?
If you had actually used both, it would be clear why people use Telegram over Signal.
Signal doesn't even have a desktop client for any OS!
So yeah, the statement from parent still stands.
There is basically one person writing the app, and given the company has just a few people _volunteering_ for them, you cannot expect them to release a large amount of code across so many devices. They prioritized the highest volume first.
Open Whisper Systems primarily develops a strong encryption protocol (Moxie's efforts). If you didn't realize, this protocol was adopted by WhatsApp and also Facebook Messenger. So, the developers of those other applications needn't spend time/resources on the encryption, but can release Desktop clients for people like yourself to enjoy.
People who use Signal trust Moxie. People who dislike Signal _may_ care more about features than the security properties of the software (note, WhatsApp doesn't open-source their software, and Telegram instead bets people cannot break their encryption).
Also, their app will supposedly run on any OS that Chrome runs. I'm sure that was the intention.
This is what annoys me the most. I can't control what people put in their address book about me (physical address, email, photo, phone number, maybe even more infos) and who they share my info with.
then you can safely share your 'normal' contacts with Whatsapp.
"The Facebook family of companies will still receive and use this information for other purposes such as improving infrastructure and delivery systems, understanding how our services or theirs are used, securing systems, and fighting spam, abuse, or infringement activities."
Never does it say, you won't get ads. But if you share, you will get "improved ads".
Am I reading this right?
Uh, I mean, that's the whole point of facebook.
But it's kinda scary that emperor Zuck has so much power over the people, like FB/Messenger/Whatsapp/Instagram are the top apps everyone uses. I am glad Snapchat didn't sell out.
The phrase "network effect" exists for a reason. Where people don't think about keeping in touch with others in any terms other than Facebook, refusing to play along with Facebook comes with serious consequences.
And how exactly do you think these things worked before Facebook?
"Friends" who don't want to make the effort to stay in touch outside of a dead-simple social app aren't friends, anyway.
When the letters were the common way to contact people, people would contact you by letter. If you refused to communicate in different ways than with letters, people would communicate less with you than with others, because it would be a pain in the ass. They'd organize a party on short notice, and then realize that the letter won't reach you in time (or that they don't have envelopes and stamps anymore because they no longer send letters).
The same applies to this sort of app today, sadly.
I almost caved, the second time that happened. What stopped me was being prompted for my email account credentials, so Facebook could mine my more than decade-long correspondence for social graph data. I know enough about abusive relationships not to overlook an opening boundary test like that. So that was the end of my Facebook experiment. In any case, by that point the damage was probably done.
Someone else here said something about having his Facebook departure be a conversation starter. Doesn't always work that way. When I tell people about that email prompt, they just look at me funny and go "you know you can skip that, right?" Which, of course, I do know, but see above re: abusive relationships. Maybe I can talk my way out of taking a punch this time, but every time?
That metaphor doesn't seem to cut much ice with anyone, though. No idea why. Maybe it's a little over the top. Maybe people are just so accustomed to think about Facebook as part of the environment, and take it totally for granted, that it doesn't occur to them to regard what I'm saying as anything but incomprehensibly weird. Maybe I'm an obstreperous pain in the ass. I'm sure at least one of those is true. But who knows? I mean, I don't ask; I just steer the conversation somewhere more mutually enjoyable, because I go to bars to drink and enjoy talking with people, not to pretend to be Richard Stallman.
The problem is not that your friends don't care enough about you to keep in touch by means other than Facebook. The problem is that Facebook has so completely insinuated itself into and throughout a billion people's interpersonal relationships that your friends don't even think about keeping in touch by means other than Facebook.
Put another way, we find ourselves in a situation where a single, rather secretive corporation mediates the interactions of a significant fraction of the species, and has already been known to manipulate the perception of its users in ways which might be to its benefit. When I was a kid, this would've been no more than fodder for third-rate dystopian sf which even fans of the genre mostly wouldn't take seriously. And yet, somehow, here we are.
Fights aren't easy, but this fight is important for our society and our children.
> Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.
This is a fight, our fight. For freedom, free speech and privacy.
> I mean, yeah, that's easy to say and all, and it makes you feel special and everything. It's also horseshit.
I bet it makes you feel special writing that phrase (isn't it?).
> Put another way, we find ourselves in a situation where a single, rather secretive corporation mediates the interactions of a significant fraction of the species, and has already been known to manipulate the perception of its users in ways which might be to its benefit. When I was a kid, this would've been no more than fodder for third-rate dystopian sf which even fans of the genre mostly wouldn't take seriously. And yet, somehow, here we are.
...because you don't really care.
It's not that I don't want to see Facebook killed with an axe. I'm just not so foolish as to imagine that browbeating people will make that more likely. Don't confuse the two.
Who else should stop using the Facebook than the people who actualy understands how it works.
I am saying this becuase over a year ago i deleted FB. It was more for the fact that i started to measure how i use FB and i realized i was giving it quite bit of my focus. It wasnt taking much of my time but it was constant distraction. So i stopped. After 14 days i never felt urge or need to use facebook again. Seriously it was like some spell. And outcome? All the worries about not being able to reach foreing friends or see what are my friends up to. Well the interesting people luckily found another way to contact me and since then all the important stuff was much more focused. Other people started to talk with me, they had a reason to talk with me in a pub because they got something new i didnt know about. And leaving fb became theme for conversations because people wondered why i did it.
And its not only me, there are 4 people i know around me who came to the same conclusion. None of us came back.
Btw when you will try to actualy delete your fb account, its a minefield of dark patterns. First you need special link, because you can only deactivate from settings. Then you will have to go through pile of emotionaly draining photos of friends with claims that they will mis you and you wont be able to see what they are doing with their lives. Then few traps with agreeing about deletion with switched meanings of buttons. In the end you wont actualy be deleted. You will be put to deactivate mode for 14 days, if your browser accidentaly auto logins then you have to do it again. After 14 days you are sent email and if you miss it and wont acept it in certain time - you wont be deleted. Of course since 1. 1. 2014 it realy doesnt matter because facebook keeps your data even if you delete account. (i deleted it just before 1. 1. 2014 and i still think they kept all the shit, because how would anyone know).
They would seem to be doing all the right things, such as OTR and not rolling their own protocols, but I've only been able to find a couple of opinions and nothing concrete.
The fact that they've made effort to open source it and are letting people write their own clients for it is encouraging, but not proof that it's a solid system.
To avoid confusion about axolotl ratchet and its usage, OpenWhisperSystems changed the name of the protocol used to Signal protocol in March. 
However, I am afraid I won't be able to convince anyone to use it :(
I don't want any of my info shared. Yet there is no way to opt out of it.
> The Facebook family of companies will still receive and use this information for other purposes such as improving infrastructure and delivery systems, understanding how our services or theirs are used, securing systems, and fighting spam, abuse, or infringement activities.
So you can't not share.
This is one of the problems of digital identity--privacy has a latent value. The company you choose to share data with today, may choose choose to share with / merge with a third party in the future.
What a hassle.
The big news is that your eye-balls are officially for sale now. Marketing is specifically mentioned as a new form of communication towards the users. No banner ads (yet), but other formats.
It was good, while it lasted.
PS to WhatsApp: If you manage to launch a no-data-sale privacy option for x$/y, I signup in a heartbeat.
Here's the link to delete your account.
- Your messages are yours, and we can’t read them. We’ve built privacy, end-to-end encryption, and other security features into WhatsApp. We don’t store your messages once they’ve been delivered. When they are end-to-end encrypted, we and third parties can’t read them.
So they can share location, phone number, contact book, maybe chat group names if they're not encrypted, and maybe the people participating in those groups, the online/offline status, who and when you call, what else am I missing?
1) you did not have to scroll to opt out.
2) opting out brought up a toast saying "when you tap 'agree', your account info will be used to improve your Facebook ads and product experiences"
3) there was a " X not now" option in the top right corner.
I chose that.
Edit: no app update was required. I'm guessing in the future, the could push ads the same way
>The Facebook family of companies will still receive and use this information for other purposes such as improving infrastructure and delivery systems, understanding how our services or theirs are used, securing systems, and fighting spam, abuse, or infringement activities.
Duplicate threads like this just dilute the conversation especially when the comments made here are already opinions voiced elsewhere.
The Facebook family of companies
will still receive and use this
information for other purposes...
YOU DO NOT.
Translated literally it means "puppet-show"...
The discussions have ballooned, but having read the other two in the morning, this one just feels like a rehash of the same privacy concerns folks have raised. And for anyone reading about possible solutions to their concerns, they'd have to jump between 2-3 different threads now.
I'm glad there's at least WhatsApp thread is on front page for everyone's sake, but personally I felt like the Looking ahead for WhatsApp discussion covered much of what's being said here. The difference is that poster didn't have as good of a title and submitted it when much of the West Coast was still asleep.
Also, while this site doesn't have the resources to comb and diff each new thread to make sure it's not a dupe, I wish more users would point this out when it does happen. At the very least, thanks for pointing out the two existing threads, but we shouldn't be afraid of merging threads to make it easier for future users to reference (if they do).
Since this is a bit meta I've detached the subthread from https://news.ycombinator.com/item?id=12361031 and marked it off-topic.
Especially since the bulk other thread was already talking about privacy concerns and most users would go down that route.
Also, you already do a great job moderating here, but this is just one of those few situations where I'm in disagreement with you on this particular instance.
Answer: Don't use Facebook.