I created this site to enable people to compare many so-called “secure messaging apps”. Likewise, I hope to educate people as to which functionality is required for truly secure messaging.
In 2016, I was frustrated with the EFF’s very out-of-date comparison, and hence I decided to create a comparison myself. Reaching out to various privacy organisations proved to be a complete waste of time, as no one was willing to collaborate on a comparison. This is a good lesson learnt: Don’t be beholden to other people/organisations, and produce your own useful work.
This site is not meant to be comprehensive; security is difficult, and a full review of each app is simply not plausible due to time, a lack of access to source code in many cases, and a lack of knowledge of development practices, and general cyber security maturity.
For the first time since launching in 2009, WhatsApp will now show users advertisements. The ads are “rolling out gradually,” the company said.
For now, the ads will only appear on WhatsApp's Updates tab, where users can update their status and access channels or groups targeting specific interests they may want to follow. In its announcement of the ads, parent company Meta claimed that placing ads under Updates means that the ads won’t “interrupt personal chats.”
Meta said that 1.5 billion people use the Updates tab daily. However, if you exclusively use WhatsApp for direct messages and personal group chats, you could avoid ever seeing ads.
Encrypted chat apps like Signal and WhatsApp are one of the best ways to keep your digital conversations as private as possible. But if you’re not careful with how those conversations are backed up, you can accidentally undermine your privacy.
When a conversation is properly encrypted end-to-end, it means that the contents of those messages are only viewable by the sender and the recipient. The organization that runs the messaging platform—such as Meta or Signal—does not have access to the contents of the messages. But it does have access to some metadata, like the who, where, and when of a message. Companies have different retention policies around whether they hold onto that information after the message is sent.
What happens after the messages are sent and received is entirely up to the sender and receiver. If you’re having a conversation with someone, you may choose to screenshot that conversation and save that screenshot to your computer’s desktop or phone’s camera roll. You might choose to back up your chat history, either to your personal computer or maybe even to cloud storage (services like Google Drive or iCloud, or to servers run by the application developer).
Those backups do not necessarily have the same type of encryption protections as the chats themselves, and may make those conversations—which were sent with strong, privacy-protecting end-to-end encryption—available to read by whoever runs the cloud storage platform you’re backing up to, which also means they could hand them at the request of law enforcement.
GaidinBDJ Ars Scholae Palatinae
11y
1,266
Subscriptor
actor0 said:
Why do people think E2R encryption means the data can't be decrypted?
Probably a gross misunderstanding of encryption in general.ANYONE with access to the keys can unlock it.
The ones with access to the keys own the platform.
The one who own the platform are legally required to submit your info to Subpoena, Homeland Security warrants, and Patriot Act related actions.
This is totally incorrect.
With end-to-end encryption, the platform doesn't have the keys. The clients exchange keys through the platform, but it's done in a way that the platform doesn't know what they are. A subpoena doesn't let them provide information they don't have. The platform may have metadata about your message, but not the contents.
On the Wikipedia page for Diffie-Hellman key exchange there's a good diagram explaining the concept of how you can exchange private keys through public transport. It's the one down the page a bit where they use paint colors. In the real world, it's done with math, but the paint concept is sound to understand the underlying idea.
A team of researchers confirmed that behavior in a recently released formal analysis of WhatsApp group messaging. They reverse-engineered the app, described the formal cryptographic protocols, and provided theorems establishing the security guarantees that WhatsApp provides. Overall, they gave the messenger a clean bill of health, finding that it works securely and as described by WhatsApp.
They did, however, confirm a behavior that should give some group messaging users pause: Like other messengers billed as secure—with the notable exception of Signal—WhatsApp doesn’t provide any sort of cryptographic means for group management.
“This means that it is possible for the WhatsApp server to add new members to a group,” Martin R. Albrecht, a researcher at King's College in London, wrote in an email. “A correct client—like the official clients—will display this change but will not prevent it. Thus, any group chat that does not verify who has been added to the chat can potentially have their messages read.” //
By contrast, the open source Signal messenger provides a cryptographic assurance that only an existing group member designated as the group admin can add new members. //
Most messaging apps, including Signal, don’t certify the identity of their users. That means there’s no way Signal can verify that the person using an account named Alice does, in fact, belong to Alice. It’s fully possible that Malory could create an account and name it Alice. (As an aside, and in sharp contrast to Signal, the account members that belong to a given WhatsApp group are visible to insiders, hackers, and to anyone with a valid subpoena.)
Signal does, however, offer a feature known as safety numbers. It makes it easy for a user to verify the security of messages or calls with specific contacts. When two users verify out-of-band—meaning using a known valid email address or cell phone number of the other—that Signal is displaying the same safety number on both their devices, they can be assured that the person claiming to be Alice is, in fact, Alice.
A little-discussed detail in the Lavender AI article is that Israel is killing people based on being in the same Whatsapp group [1] as a suspected militant [2]. Where are they getting this data? Is WhatsApp sharing it?
CallMeBot can now send WhatsApp Text Messages! Super easy using one simple API call.
Setup:
You need to get the apikey form the bot before using the API:
- Add the phone number +34 644 21 78 06 into your Phone Contacts. (Name it it as you wish)
- Send this message "I allow callmebot to send me messages" to the new Contact created (using WhatsApp of course)
- Wait until you receive the message "API Activated for your phone number. Your APIKEY is 123123" from the bot.
Note: If you don't receive the ApiKey in 2 minutes, please try again after 24hs. - The WhatsApp message from the bot will contain the apikey needed to send messages using the API.
You can send text messages using the API after receiving the confirmation. - Enjoy
- Note, If you need any of the capabilities listed below, please check https://textmebot.com (low cost) or https://www.twilio.com/ (best official provider)
- Send messages to others
- Send messages to Groups
- Send messages from your whatsapp number
- Send Images
- Send Buttons
- Send documents
- Receive the answers
Easy to use Web-API
Get started in only 5 steps!
1) Click here to get a TextMeBot ApiKey
2) You will receive your ApiKey by email
3) Add your phone number using the link received in the email
4) Link your WhatsApp number with the API using the link received in the email
5) Start sending and receiving messages
5-easy-steps-247x400
all the tags from https://b.plas.ml
1st-amendment 2nd-amendment 4th-amendment 5th-amendment 9/11 a8 abortion acl adhd afghanistan africa a/i air-conditioning amateur-radio amazon america american android animals anti-americanism antifa anti-semitism antiv antivirus aoip apollo apple appliances archaeology architecture archive art astronomy audio automation avatar aviation backup bash batteries belleville bible biden bill-of-rights biology bookmarks books borg bush business calibre camping capitalism cellphone censorship chemistry children china christianity church cia clinton cloud coldwar communication communist composed computers congress conservatives constitution construction cooking copyleft copyright corruption cosmology counseling creation crime cron crypto culture culture-of-death cummins data database ddt dd-wrt defense democrats depression desantis development diagrams diamonds disinformation diy dns documentation dokuwiki domains dprk drm drm-tpm drugs dvd dysautonomia earth ebay ebola ebook economics education efficiency electricity electronics elements elwa email energy engineering english environment environmentalism epa ethernet ethics europe euthanasia evolution faa facebook family fbi fcc feminism finance firewall flightsim flowers fonts français france fraud freebsd free-speech fun games gardening genealogy generation generators geography geology gifts git global-warming google gop government gpl gps graphics green-energy grounding hdd-test healthcare help history hollywood homeschool hormones hosting houses hp html humor hunting hvac hymns hyper-v imap immigration india infosec infotech insects instruments interesting internet investing ip-addressing iran iraq irs islam israel itec j6 journalism jumpcloud justice kindle kodi language ldap leadership leftist leftists legal lego lgbt liberia liberty linguistics linux literature locks make malaria malware management maps markdown marriage mars math media medical meshcentral metatek metric microbit microsoft mikrotik military minecraft minidisc missions moon morality mothers motorola movies mp3 museum music mythtv names nasa nature navigation navy network news nextcloud ntp nuclear obama ocean omega opensource organizing ortlip osmc oxygen paint palemoon paper parents passwords patents patriotism pdf petroleum pets pews photography photo-mgmt physics piano picasa plesk podcast poetry police politics pollution pornography pots prayer pregnancy presentations press printers privacy programming progressive progressives prolife psychology purchasing python quotes rabbits rabies racism radiation radio railroad reagan recipes recording recycling reference regulations religion renewables republicans resume riots rockets r-pi russia russiagate safety samba satellites sbe science sci-fi scotus secularism security servers shipping ships shooting shortwave signal sjw slavery sleep snakes socialism social-media software solar space spacex spam spf spideroak sports ssh statistics steampowered streaming supplement surveillance sync tarsnap taxes tck tds technology telephones television terrorism tesla theology thorium thumbnail thunderbird time tls tools toyota trains transformers travel trump tsa twitter typography ukraine unions united.nations unix ups usa vaccinations vangelis vehicles veracrypt video virtualbox virus vitamin vivaldi vlc voting vpn w3w war water weather web whatsapp who wifi wikipedia windows wordpress wuflu ww2 xigmanas xkcd youtube zfs