WhatsApp can access virtually all of it 3 billion users’ purportedly ‘private’ communications,” according to a lawsuit filed against Meta.
-
@newsguyusa the lawsuit provides seemingly no evidence to support this
https://techhub.social/@alextecplayz/115971857366040544
quick correction, as I'm reading into it more: Techlore may have been wrong about the connection between the law firms representing the Plaintiffs and NSO Group, I can't find any information on that
but the brief on the lawsuit is that they claim that through their "courageous whistleblowers" they allege that Meta workers send a request to an engineer and without scrutiny in most cases, will just grant the worker access to the data for that user.
This is somewhat demonstrably false as WA web has been reverse-engineered twice, once via a presentation at Black Hat US 2019 (https://i.blackhat.com/USA-19/Wednesday/us-19-Zaikin-Reverse-Engineering-WhatsApp-Encryption-For-Chat-Manipulation-And-More.pdf) and for a university project (https://www.ir.juit.ac.in:8080/jspui/bitstream/123456789/7764/1/Whatsapp%20Web%20Reverse%20Engineering.pdf) to show that it's E2EE and using the Signal protocol.
they also try to represent all WA users globally except WA users in the US, Canada, EU, UK lmfao
Love digging thru 'WhatsApp bad
' to find this comment. Took 2 minutes reading the brief to see there's no teeth in the argument. It's like they skipped that part.1 Define End2End Encryption
2 Explain OWS helped impl. Signal protocol
3 Unencrypted metadata note
4 Signal's source is public, not WhatsApps
5 WhatsApps claim they have no access to users’ chats: false. As whistleblowers explained(?), they store & have ∞ access to encrypted commsWhere'd that come from?
-
One of the most disturbing things about this is that so many governments, political parties and public bodies use Whatsapp to communicate at the highest level, including ministers, heads of government etc.
Why aren't they using something properly secure, considering the high stakes?
@FediThing @newsguyusa OK, but WhatsApp uses Signal protocol, and if you enable e2e you should be secure. As I understand in this lawsuit there is not description of mechanism, above this that somehow Meta implemented Signal protocol in such way that they are able to break encryption. Maybe it is something like back channel to device where keys ma be requested?
-
WhatsApp can access virtually all of it 3 billion users’ purportedly ‘private’ communications,” according to a lawsuit filed against Meta. https://www.courtlistener.com/docket/72183413/1/dawson-v-meta-platforms-inc/
@newsguyusa https://www.bloomberg.com/news/articles/2026-01-25/lawsuit-claims-meta-can-see-whatsapp-chats-in-breach-of-privacy
Interested to see what more comes out of it. news.ycombinator pretty silent.
-
WhatsApp can access virtually all of it 3 billion users’ purportedly ‘private’ communications,” according to a lawsuit filed against Meta. https://www.courtlistener.com/docket/72183413/1/dawson-v-meta-platforms-inc/
@newsguyusa 'cause they were E2E encrypted, right?
-
@newsguyusa the lawsuit provides seemingly no evidence to support this
https://techhub.social/@alextecplayz/115971857366040544
quick correction, as I'm reading into it more: Techlore may have been wrong about the connection between the law firms representing the Plaintiffs and NSO Group, I can't find any information on that
but the brief on the lawsuit is that they claim that through their "courageous whistleblowers" they allege that Meta workers send a request to an engineer and without scrutiny in most cases, will just grant the worker access to the data for that user.
This is somewhat demonstrably false as WA web has been reverse-engineered twice, once via a presentation at Black Hat US 2019 (https://i.blackhat.com/USA-19/Wednesday/us-19-Zaikin-Reverse-Engineering-WhatsApp-Encryption-For-Chat-Manipulation-And-More.pdf) and for a university project (https://www.ir.juit.ac.in:8080/jspui/bitstream/123456789/7764/1/Whatsapp%20Web%20Reverse%20Engineering.pdf) to show that it's E2EE and using the Signal protocol.
they also try to represent all WA users globally except WA users in the US, Canada, EU, UK lmfao
And of course, note that Pavel Durov (CEO of Telegram) and Elon Musk have both jumped on this to promote their own (considerably and objectively worse) platforms, Telegram and X Chats, while shitting on both Signal and WhatsApp.
So even if they might bring some more claims later or present some evidence, note that the snake oil salesmen have jumped on this as well.
No matter your stance on WhatsApp, I personally think WA is still using the Signal protocol or have modified it along the way to support the service's additional features, I have little reason to believe that WA isn't E2EE anymore. But that's just my opinion, I'm no security expert.
-
WhatsApp can access virtually all of it 3 billion users’ purportedly ‘private’ communications,” according to a lawsuit filed against Meta. https://www.courtlistener.com/docket/72183413/1/dawson-v-meta-platforms-inc/
@newsguyusa 100% chance, 99% of those users don't care... Number of people - including ones working in tech - who refused to install Signal when I have recommend them to - because they "don't want another app" on the phone is very high, strangely quite a few have installed Telegram afterwards so most people can't be helped.
-
L luettdeern@plasmatrap.com shared this topic
