Silk Road forums
Discussion => Security => Topic started by: PePinJeNek on January 02, 2013, 06:35 am
-
I wish everyone a mindblowing 2013!!
Just wanted to get some opinions about the usage of whatsapp for sensitive information.
I have an android smartphone and use whatsapp to sometimes send text messages
that if intercepted by LE could be harmfull for my safety.
I'm not a noob but just wanted to find out if anyone can confirm that this service is safe to
use and really encrypted all their traffic.
I know that previous versions had safety issues and that people could hack your wifi and
read all your messages, but apparently this issue is solved plus I never use wifi.
For the people who don't know what it is, it is a messenger service for your mobile that uses mobile data
or wifi connection and it claims that their latest version fully encrypted all your messages.
Any info or suggestions are welcome.
Peace
-
I wish everyone a mindblowing 2013!!
Just wanted to get some opinions about the usage of whatsapp for sensitive information.
I have an android smartphone and use whatsapp to sometimes send text messages
that if intercepted by LE could be harmfull for my safety.
I'm not a noob but just wanted to find out if anyone can confirm that this service is safe to
use and really encrypted all their traffic.
I know that previous versions had safety issues and that people could hack your wifi and
read all your messages, but apparently this issue is solved plus I never use wifi.
For the people who don't know what it is, it is a messenger service for your mobile that uses mobile data
or wifi connection and it claims that their latest version fully encrypted all your messages.
Any info or suggestions are welcome.
Peace
Take a close look at their Terms of Service (TOS):
Log File Information: When you use the WhatsApp Site, our
servers automatically record certain information that your web
browser sends whenever you visit any website. These server logs
may include information such as your web request, Internet Protocol
("IP") address, browser type, browser language, referring / exit
pages and URLs, platform type, number of clicks, domain names,
landing pages, pages viewed and the order of those pages, the
amount of time spent on particular pages, the date and time of
your request, one or more cookies that may uniquely identify your
browser, your phone number, phone number you are requesting the
status of and various status information. When you use the
WhatsApp Service, our servers log certain general information
that our application sends whenever a message is sent or received,
or if you update or request any status information, including time
and date stamps and the mobile phone numbers the messages were sent
from and to.
[...]
We may collect and release Personally Identifiable Information
and/or non-personally-identifiable information if required to do
so by law, or in the good-faith belief that such action is necessary
to comply with state and federal laws (such as U.S. Copyright Law),
international law or respond to a court order, subpoena, or search
warrant or equivalent, or where in our reasonable belief, an
individual’s physical safety may be at risk or threatened. WhatsApp
^^^^^^^^
also reserves the right to disclose Personally Identifiable
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Information and/or non-personally-identifiable information that
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WhatsApp believes, in good faith, is appropriate or necessary to
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
enforce our Terms of Service, take precautions against liability,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
to investigate and defend itself against any third-party claims or
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
allegations, to assist government enforcement agencies, to protect
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
the security or integrity of the WhatsApp Site or our servers, and
to protect the rights, property, or personal safety of WhatsApp, our
users or others.
So, in other words, they reserve the right to themselves to hand over your personal information to government agencies if, in their opinion, it is necessary or appropriate -- even in the absence of a warrant or other judicial process.
Still feel good about them now?
-
as safe as a normal text message would be.... not safe at all.
If you must use your mobile device for sensitive things, have a look at wickr (might be iphone only) or RedPhone (for encrypted calls) TextSecure (for encrypted messages).
If you're using an android device, make sure you disable the developer mode, and encrypt the device using the inbuilt encryption (Ice-Cream Sandwich or higher version) and use a strong password.
-
always use keywords other than actual drug names. try to develop your own rather than use existing slang.
the more bulk smalltalk you add, the more shit there is for any spies to sift through. so ask about how people are, what youve been doing etc, casually adding in more sensitive details in shorthand slang.
they'll pass through information without realising it
-
Thanks everyone for your imput.
Yeah after reading the privacy agreement
It pretty clear that they can do whatever
the fuck they want..
To be expected from a comercial app like that i suppose.
Peace
-
Gibberbot - use this !
But be advised that somebody else could see that you are using it ! even if the adversary cannot read what ur sending and it isnt logged..
In the End Jakob Appelbaum probably would tell you to never ever use a fucking phone.. 8)
Cheers!