from atek@lemm.ee to privacy@lemmy.ml on 09 Aug 2024 11:46
https://lemm.ee/post/39164792
I know the title sounds like a paradox, but let me explain:
In Feb '21 I deleted all my Meta related accounts in a first step towards moving away from big tech. Removing whatsapp was kind of a big deal over here but I managed to get close family and friends over to Telegram and Signal and resorted to text messages with other contacts. I’ve been enjoying the peace and quiet but it’s been a hassle for everyone around me. Invites to parties, big news or announcements always had to be relayed through somebody else. Last week a dear friend passed away and because that news had to be rleayed to me too i think its time to go back again.
And now for my question: is there a way to run whatsapp on your phone while respecting privacy? I know it sounds crazy but I was thinking there might be a way to run it in a sandbox or closed environment of some sort. Im running LineageOS on my phone and I dont mind tweakin around a bit.
Because I live in the EU i was putting my money on the DMA, it was my understanding that the DMA would make it possible to send telegram messages to whatsapp, whatsapp messages to signal and in this way get in contact with anyone on any platform you’d like. When the DMA went into action in the beginning of this year it became clear pretty soon it would only be a one way street; all messenger services would be able to contact whatsapp, because that is the biggest player. Half a year down the line and I havent been seeing any news about it anymore. Does anyone have an update? Will it ever be possible to chat crossplatform?
#privacy
threaded - newest
Well first of all I’d ask:
What does privacy mean to you and have you done an accurate threat analysis?
People will have different ideas about privacy and have different needs from it. It’s not a universal thing nor is it static.
I havent done any extensive research but i just dont like Meta. Id hate for them to use my metadata against me. I do know its a bit much to ask using whatsapp but i like the idea of Shelter
Beeper bridge : keeps the client off your phone and you can use a privacy respecting client.
Run Whatsapp in a work profile and deny all permissions, they will still see your IP address. It would only see contacts you put into the work profile.
If you use graphene OS, you can do contact scope limitations, so you can choose which contacts are available to whatsapp
Use the pwa version of Whatsapp to further limit what you leak.
Beeper Bridge is a bad idea. They are able to see your messages in transmit and you know trust 2 entities instead of one.
True, but you could self host, it’s a option.
Watching Mastadon messages mix with lemmy threads is like seeing someone having a schizophrenic episode.
Thanks I thought I had an aneurysm. Very cool to see federation worling though
@debacle @atek @daniel @sopranica
For the sake of yak-shaving ;-)
- you can share your XMPP presence (online/away) if you wish
- not uploading your contact list requires being careful and limits the official app's functionality, you cannot start a new conversation be it 1:1 or group. You can do so through slidge-whatapp though, once it's "paired" to the official app, which can then be uninstalled (but you'll have to reinstall/re-pair every 2 weeks or so)
With GrapheneOS you can set contact scopes for apps like whatsapp so it only sees specific contacts that you select and not the entire contact list from the phone.
You can send a phone number on WhatsApp and when clicking on it it gives you the option to chat with that number
Whatsapp uses the Signal protocol but they have also been known to read as much metadata as possible.
The creator of Signal helped FB implement the code, but ive been afraid that the mega Corp rolled their own crypto and superceded the protections put in place from Moxie.
That said, I dont know if its possible to have a 3rd partty front end anymore for WhatsApp.
They way, they use an old Version of the protocol. No one can review and no audit was done. So we must expect no encryption.
Additionaly, encryption != privacy
I would put WhatsApp in a Work Profile via e.g. Shelter. It’s isolates it from the rest of device. I would also avoid putting PII on your profile like your full name, a photo as pfp, your bio, etc.
I do the same as well. Shelter is an amazing project.
This is the correct answer. If you don’t need notifications:
Make sure you enable the auto frost service in Shelter’s settings, enable auto frost for WhatsApp in Shelter and replace the icon on your home screen with a Shelter shortcut.
You can also use a trustworthy VPN to route traffic from the entire work profile or only from WhatsApp.
Still needs a phone number. If you use anything other than a burner number, this is the crucial data point which allows Meta to plug you into their monster social graph of the whole world and find out who you know and therefore who you are.
Yeah wouldn’t suggest using your real phone number
This looks great! Ill try this
I didn’t give it access to my contacts and navigate it by familiarity with profile pictures and using “Open in WhatsApp”, an app that let’s you… open WhatsApp conversation from your contacts manually (I need it only for a new contact)
Hardly matters what you tell Meta if all your contacts are telling Meta the opposite. The phone number ID is the weakest link.
Seperate phone, solely used for WA. When no relative is dying and you dont need to be available buy a proper faraday bag and only take it out when you need to.
thats my threat model whats yours?
Forgive my ignorance but isn’t WhatsApp no longer considered a privacy app?
Also, a recommended YT channel: www.youtube.com/@robbraxmantech
Why would something choose Telegram as a private alternative over Whatsapp? Can you message someone on Telegram who is not a contact? How do you you get around Felegram saving info and messages on their servers? XMPP would be a better choice with OMEMO.
Interface
This post got me to search in FDroid and i found Chatlaunch forma Whatsapp. Anyone used it?
I am using Launch Chat. As it got more other messenger apps(Telegram, Signal). So far so good, chat with people without allowing contacts permission to messengers like whatsapp.
Not possible
However as you are in the EU, Facebook have to add 3rd party support to whatsapp. So that people on whatsapp can still message users who are not on whatsapp. Later in the future, group support will be added.
No time frame of when it goes live.
theverge.com/…/whatsapp-interoperability-plans-eu…