Active Topics

 


Reply
Thread Tools
ZogG's Avatar
Posts: 1,389 | Thanked: 1,857 times | Joined on Feb 2010 @ Israel
#321
I do not want to start arguing here, but as most users "donated" a lot of $, especially when developer said he would need those in order to develop(so I'm not sure how is it donations). It would be more than fair that such developer would at least publish code if he suddenly decided to stop support because "3rd party and user banning", as it would be something new and was not known before he asked for those donations ._.
__________________
IRC nick on freenode — ZogG
imgrup
 

The Following 4 Users Say Thank You to ZogG For This Useful Post:
pichlo's Avatar
Posts: 6,447 | Thanked: 20,981 times | Joined on Sep 2012 @ UK
#322
Originally Posted by Fellfrosch View Post
You have decided wisely!
Maybe, but...

Maybe the users of such a messenger should think about moving on...
https://talk.maemo.org/showpost.php?...&postcount=314
__________________
Русский военный корабль, иди нахуй!
 
Fellfrosch's Avatar
Posts: 1,092 | Thanked: 4,995 times | Joined on Dec 2009 @ beautiful cave
#323
Originally Posted by pichlo View Post
Maybe, but...



https://talk.maemo.org/showpost.php?...&postcount=314
Well, if you don't want to switch every now and than, you have to choose the way to communicate very carefully. To choose a solution with a closed source protocoll isn't very clever, if you want the freedom of choice, which platform you use.
If you don't care, than you have to eat what your provider offers you and all is fine.

I for myself decided, that I don't want to be dependent on the big players, so I'm very old school in my choice:
vis-a-vis, phonecalls, mail, irc and somtimes SMS.
No whatsthat, no skype, still alive, still friends.
 

The Following 5 Users Say Thank You to Fellfrosch For This Useful Post:
Fellfrosch's Avatar
Posts: 1,092 | Thanked: 4,995 times | Joined on Dec 2009 @ beautiful cave
#324
Originally Posted by wicket View Post
WhatsApp's centralised server means that your address book is probably shared with Facebook who own it. I guess it's a trade-off about what I am willing accept but it looks like they are heading in the right direction
Well it's interesting that you are willing to accept that. Have you asked everybody in your address book if they want their personal data on facebooks servers and using them for who knows what? In fact that's the biggest point for me in criticizing WhatsApp.

Or what do you think, would the customers of a pornsite or a panama bank think, if the site/bank decides to publish their "address books".

It's a no go for me, that WhatsApp collects data from persons, who haven't agreed with that. And I wouldn't call that the right direction.
 

The Following 8 Users Say Thank You to Fellfrosch For This Useful Post:
Community Council | Posts: 4,920 | Thanked: 12,867 times | Joined on May 2012 @ Southerrn Finland
#325
Originally Posted by wicket View Post
Banning users? Switching to a protocol that uses end-to-end encryption by default which happens to break 3rd party clients is not the same as banning users.

I actually have congratulate WhatsApp on this change. It's come a long way since inception. End-to-end encryption as default puts it above most other proprietary communications in my book, even above SMS.
Well, that is IF you believe them...
I am a bit suspicious about it, and too bad you cannot verify it as the specification is closed.

Besides how do you implement group chats with end-to-end ciphering? By distributing separate keypairs for each member on the group maybe? wouldn't that multiple the possibility of leaking a lot of keys?

All in all I'd take their claims with a largish grain of salt...
 

The Following 4 Users Say Thank You to juiceme For This Useful Post:
Feathers McGraw's Avatar
Posts: 654 | Thanked: 2,368 times | Joined on Jul 2014 @ UK
#326
Originally Posted by juiceme View Post
Well, that is IF you believe them...
I am a bit suspicious about it, and too bad you cannot verify it as the specification is closed.
I'm with you on this, you can't really trust they they've done anything properly if community experts can't audit the code.

Besides how do you implement group chats with end-to-end ciphering? By distributing separate keypairs for each member on the group maybe? wouldn't that multiple the possibility of leaking a lot of keys?
Isn't it more like PGP with multiple recipients? The private key is stored on the handset ad the public keys are stored on the server so you don't have to add them manually, if you're talking to multiple people you just need more public keys, the private keys aren't distributed.
 

The Following User Says Thank You to Feathers McGraw For This Useful Post:
coderus's Avatar
Posts: 6,436 | Thanked: 12,701 times | Joined on Nov 2011 @ Ängelholm, Sweden
#327
@wicket yes they are BANNING users of 3rd part clients.
@juiceme they are actually using libsignal from textsecure for text messaging. it's almost same as own textsecure clients, but working via whatsapp servers using xmpp protocol encrypted packets with Noise protocol. It's all already reversed and hacked by other peoples in php Chat-API project
@ZogG i developed a lot for WA1.5 protocol support, then they switched to WA1.6 protocol, and now switched to WA2.0 protocol. Fully working qt libs for libaxolotl and libwa are ready. But since december i have a full time job and cant support such big project. I will think about publishing sources some day, and you will see i did not spent your donations for drugs and whores, but for code
__________________
Telegram | Openrepos | GitHub | Revolut donations
 

The Following 15 Users Say Thank You to coderus For This Useful Post:
Posts: 435 | Thanked: 1,599 times | Joined on Dec 2010
#328
Originally Posted by coderus View Post
i did not spent your donations for drugs and whores, but for code
What! My donation was for drugs and whores, I want a refund
 

The Following 13 Users Say Thank You to tommo For This Useful Post:
wicket's Avatar
Posts: 634 | Thanked: 3,266 times | Joined on May 2010 @ Colombia
#329
Originally Posted by Fellfrosch View Post
Well it's interesting that you are willing to accept that. Have you asked everybody in your address book if they want their personal data on facebooks servers and using them for who knows what? In fact that's the biggest point for me in criticizing WhatsApp.

Or what do you think, would the customers of a pornsite or a panama bank think, if the site/bank decides to publish their "address books".

It's a no go for me, that WhatsApp collects data from persons, who haven't agreed with that. And I wouldn't call that the right direction.
Don't get me wrong, if I eventually choose to use WhatsApp (I still have not decided 100%), like with any proprietary solution, it would be with great reluctance.

I too share your concerns, I'm also a victim of this, nobody ever asked me if I wanted my name and phone number to be submitted to WhatsApp servers but I'm sure it's happened many times already. Telegram which also uses a centralised, closed server, is not better in this regard. Likewise, my telephone operator knows everybody I call and what I say to them. If I eventually decide to use WhatsApp, the way I see it is that I'm coming so late to the game that I'm pretty sure that everyone in my address book is already on their servers. It doesn't make it right, sure, but in this case, resistance is futile. In any case, I would be using a 3rd party open source client so it would be possible modify it so that it only exposes the contacts that I want to expose.

Customers of a porn site or a Panamá bank would obviously not be impressed if their data was published but I fail to see the relevance of that point. WhatsApp aren't publishing address books as such. A data leak would expose the information but that's no different from any other service that one may use in life. There's always a risk when giving personal data to another entity.

All I'm saying is that guaranteed end-to-end encryption from WhatsApp makes it a better choice over other proprietary solutions such as Skype, Google Hangouts, Facebook Messenger and even Telegram which some have suggested moving to. I've tried moving people to SIP calls and XMPP in the past but either they're just not interested or when they are willing to give it a try, it's caused no end in headaches. I've accepted that we live in a far from perfect world and either I use proprietary communications or I become a hermit and only communicate with people in FSF circles. This very forum, vBulletin, is proprietary software.

Originally Posted by juiceme View Post
Well, that is IF you believe them...
I am a bit suspicious about it, and too bad you cannot verify it as the specification is closed.

Besides how do you implement group chats with end-to-end ciphering? By distributing separate keypairs for each member on the group maybe? wouldn't that multiple the possibility of leaking a lot of keys?

All in all I'd take their claims with a largish grain of salt...
You raise some good points. How are the public keys being transferred?

I hadn't thought about group chat. I guess it's a common problem with any implementation of group chat encryption. One of the users could act as a host or each user could push messages to all members of the group. I've no idea how they are doing it.
__________________
DebiaN900 - Native Debian on the N900. Deprecated in favour of Maemo Leste.

Maemo Leste for N950 and N9 (currently broken).
Devuan for N950 and N9.

Mobile devices with mainline Linux support - Help needed with documentation.

"Those who do not understand Unix are condemned to reinvent it, poorly." - Henry Spencer
 

The Following 2 Users Say Thank You to wicket For This Useful Post:
nthn's Avatar
Posts: 764 | Thanked: 2,888 times | Joined on Jun 2014
#330
juiceme, check out OMEMO, it's based on libsignal but made to work with XMPP, and it also works in group chats (well, MUCs, but the new kind of 'real' group chats, 'MIX', is on the horizon). Works very well with the Android application Conversations and the desktop application Gajim. Waiting for more clients to implement it, but it's definitely the way forward. Finally we can leave behind OTR and GPG without sacrificing privacy, and there's actually a choice involved, whether you want to use Signal, an XMPP server or become part of WhatsApp.
 

The Following 4 Users Say Thank You to nthn For This Useful Post:
Reply

Tags
mitakuuluu


 
Forum Jump


All times are GMT. The time now is 01:38.