how exactly is WhatsApp "pushing around" Apple - that would indicate that there is a power & influence sort of relationship between the two companies. Rather, this is a case of WhatsApp outperforming Apple due to its multi-platform support, extended featureset and first mover advantage
WhatsApp is insecure, right? Did they ever respond to that? If any major company implemented a chat protocol that sent messages in plaintext today, I imagine they would be crucified. What can we do to get WhatsApp to adopt security?
if i remember correctly they _do_ encrypt your messages but authentication is based on something like your phone number as your username and your IMEI as your password or something absolutely ridiculous.
i read about it on slashdot, and told my sister, who uses it all the time. her response was "oh, should i care?". sigh
Many people happily use Twitter to talk to each other, entirely in public; many people will not care unless you can show them something they actually consider to be sensitive information that would be leaked by the lack of security.
I mean, to put this in perspective: my physical mailbox is secured by a pretty crummy key; it is sufficiently crummy that, early on when I didn't know which mailbox was mine, I found another mailbox near mine shares the same key.
However, if I really wanted to get mail out of the mailboxes, it would not only be trivial to pick any of these old and simple locks, but I bet I could get in to the back with a pair of pliers and put it back together without anyone noticing.
Yet, I don't particularly care: I don't have any of my bank/credit statements go to my apartment, and that's good enough for me, with regards to the security of my mail. If someone really wants to steal it from me, they could... but seriously: "should I care?".
I think there are a bunch of different levels of expected privacy, and I think the problem is that text messaging has a very high level of expected privacy and what's app does not live up to that. Text messaging is one of the most personal forms of communication we have, it's instant, it's directly from one person to another person, we expect people to read and respond to texts quite frequently, and it requires knowing someone's cell number (which is much more carefully handed out than, say, email addresses). Especially because of the one on one aspect, furthered by the fact that people read texts directly off their phones so there is very little over the shoulder reading done (this is something where having iMessage on the desktop has actually bothered me, I could be working on something with someone and have a personal text show up on the screen) texting can be very intimate and private.
Moreover, it's digital, so most people don't really understand how any of it works and there is a much larger attack vector than the inherent physical locality required by stealing someone's mail.
The reason I provided the response that I did is that the implication of mxxx sighing at his sister asking "oh, should I care?" is that "of course you should care: this is insecure!", when it is not at all clear that any individual person should care.
In practice, WhatsApp is actually much more secure than most of the things that people trust with their privacy, and this is certainly true for the people against whom most people are specifically attempting to protect their private things from being taken by.
As an example: let's say that an ex-girlfriend of mine decided to stalk me. She can either 1) use a pair of pliers and steal my physical mail, 2) guess a poorly-chosen four-digit PIN number and access my voicemail, or 3) guess my 14-digit IMEI (Android; alternatively, 160-bit UDID on iPhone) and access my WhatsApp account.
In actuality, then, WhatsApp is one of the most secure things I might currently be using to protect my privacy from these kinds of other users. I can easily see someone saying "so, should I care?" about this particular vulnerability.
Of course, for someone else, that might not be the case: if you use WhatsApp for something much more sensitive than I might, or you are attempting to protect yourself from a much more sophisticated attacker than most people are (example: most people really and honestly don't care that a large faceless corporation knows you hated your sister's cheesecake), then you probably do (and certainly should) care.
I guess many people still think they're sending out text messages while they're using iMessage which may the reason why they've been reluctant to use it as much as WhatsApp (they think they're getting charged for every message).
My mother has a dumbphone. My girlfriend has a Blackberry. My friends have Androids. Some of my coworkers have iOS devices, but not nearly the majority. So, for me, iMessage isn't free. And I think this is true for the majority of the population that doesn't live in the Apple-centred SV hype bubble. If Apple opened the iMessage protocol to non-iOS devices[1], I'd use iMessage in a heartbeat--I prefer its UX. But until then, I'll only use it to reply when someone sends me an SMS--because, like email, SMS is universal.
[1] They wouldn't even have to write iMessage apps for those devices--just allow, say, WhatsApp, to use the iMessage protocol.
