Павел Дуров посоветовал пользователям удалить WhatsApp
Основатель Telegram считает, что в мессенджере слишком много уязвимостей.
In May, I predicted that backdoors in WhatsApp would keep getting discovered, and one serious security issue would follow another, as it did in the past [1]. This week a new backdoor was quietly found in WhatsApp [2]. Just like the previous WhatsApp backdoor and the one before it, this new backdoor made all data on your phone vulnerable to hackers and government agencies. All a hacker had to do was send you a video – and all your data was at the attacker’s mercy [3].
WhatsApp doesn’t only fail to protect your WhatsApp messages – this app is being consistently used as a Trojan horse to spy on your non-WhatsApp photos and messages. Why would they do it? Facebook has been part of surveillance programs long before it acquired WhatsApp [4][5]. It is naive to think the company would change its policies after the acquisition, which has been made even more obvious by the WhatsApp founder’s admission regarding the sale of WhatsApp to Facebook: “I sold my users’ privacy” [6].
Following the discovery of this week’s backdoor, Facebook tried to confuse the public by claiming they had no evidence that the backdoor had been exploited by hackers [7]. Of course, they have no such evidence – in order to obtain it, they would need to be able to analyze videos shared by WhatsApp users, and WhatsApp doesn’t permanently store video files on its servers (instead, it sends unencrypted messages and media of the vast majority of their users straight to Google’s and Apple’s servers [8]). So – nothing to analyze – “no evidence”. Convenient.
But rest assured, a security vulnerability of this magnitude is bound to have been exploited – just like the previous WhatsApp backdoor had been used against human rights activists and journalists naive enough to be WhatsApp users [9][10]. It was reported in September that the data obtained as a result of the exploitation of such WhatsApp backdoors will now be shared with other countries by US agencies [11][12].
Despite this ever-increasing evidence of WhatsApp being a honeypot for people that still trust Facebook in 2019, it might also be the case that WhatsApp just accidentally implements critical security vulnerabilities across all their apps every few months. I doubt that – Telegram, a similar app in its complexity, hasn’t had any issues of WhatsApp-level severity in the six years since its launch. It’s very unlikely that anyone can accidentally commit major security errors, conveniently suitable for surveillance, on a regular basis.
Regardless of the underlying intentions of WhatsApp’s parent company, the advice for their end-users is the same: unless you are cool with all your photos and messages becoming public one day, you should delete WhatsApp from your phone.
[1] – Why WhatsApp will never be secure
[2] – WhatsApp users urged to update app immediately over spying fears
[3] – WhatsApp Android and iOS users are now at risk from malicious video files
[4] – Everything you need to know about PRISM
[5] – NSA taps data from 9 major Net firms
[6] – WhatsApp co-founder Brian Acton: 'I sold my users' privacy'
[7] – Hackers can use a WhatsApp flaw in the way it handles video to take control of your phone
[8] – WhatsApp is storing unencrypted backup data on Google Drive
[9] – WhatsApp hack led to targeting of 100 journalists and dissidents
[10] – Exclusive: Government officials around the globe targeted for hacking through WhatsApp - sources
[11] – Police can access suspects’ Facebook and WhatsApp messages in deal with US
[12] – Facebook, WhatsApp Will Have to Share Messages With U.K.
WhatsApp doesn’t only fail to protect your WhatsApp messages – this app is being consistently used as a Trojan horse to spy on your non-WhatsApp photos and messages. Why would they do it? Facebook has been part of surveillance programs long before it acquired WhatsApp [4][5]. It is naive to think the company would change its policies after the acquisition, which has been made even more obvious by the WhatsApp founder’s admission regarding the sale of WhatsApp to Facebook: “I sold my users’ privacy” [6].
Following the discovery of this week’s backdoor, Facebook tried to confuse the public by claiming they had no evidence that the backdoor had been exploited by hackers [7]. Of course, they have no such evidence – in order to obtain it, they would need to be able to analyze videos shared by WhatsApp users, and WhatsApp doesn’t permanently store video files on its servers (instead, it sends unencrypted messages and media of the vast majority of their users straight to Google’s and Apple’s servers [8]). So – nothing to analyze – “no evidence”. Convenient.
But rest assured, a security vulnerability of this magnitude is bound to have been exploited – just like the previous WhatsApp backdoor had been used against human rights activists and journalists naive enough to be WhatsApp users [9][10]. It was reported in September that the data obtained as a result of the exploitation of such WhatsApp backdoors will now be shared with other countries by US agencies [11][12].
Despite this ever-increasing evidence of WhatsApp being a honeypot for people that still trust Facebook in 2019, it might also be the case that WhatsApp just accidentally implements critical security vulnerabilities across all their apps every few months. I doubt that – Telegram, a similar app in its complexity, hasn’t had any issues of WhatsApp-level severity in the six years since its launch. It’s very unlikely that anyone can accidentally commit major security errors, conveniently suitable for surveillance, on a regular basis.
Regardless of the underlying intentions of WhatsApp’s parent company, the advice for their end-users is the same: unless you are cool with all your photos and messages becoming public one day, you should delete WhatsApp from your phone.
[1] – Why WhatsApp will never be secure
[2] – WhatsApp users urged to update app immediately over spying fears
[3] – WhatsApp Android and iOS users are now at risk from malicious video files
[4] – Everything you need to know about PRISM
[5] – NSA taps data from 9 major Net firms
[6] – WhatsApp co-founder Brian Acton: 'I sold my users' privacy'
[7] – Hackers can use a WhatsApp flaw in the way it handles video to take control of your phone
[8] – WhatsApp is storing unencrypted backup data on Google Drive
[9] – WhatsApp hack led to targeting of 100 journalists and dissidents
[10] – Exclusive: Government officials around the globe targeted for hacking through WhatsApp - sources
[11] – Police can access suspects’ Facebook and WhatsApp messages in deal with US
[12] – Facebook, WhatsApp Will Have to Share Messages With U.K.
1717 показов
11K11K открытий
Вот сравнение мессенджеров по приватност: https://www.securemessagingapps.com. Можете говорить, что Телеграм удобней Ватсаппа, хотя, что в одном, что в другом тупо список чатов + пузыри сообщений. Но по приватности Телега ровно такое-же говно, что и Ватсапп, если не хуже. Паша за дебилов вас держит, делая имиджевую рекламу, ни капли не соответствующую действительности. Еще и, проработав больше 10 лет в Айти компании, использует дилетантскую аргументацию
Вы немного забываете, Паша это просто мордашка Телеги, симпатичная морда бренда, его маркетинговая и PR часть. Поэтому он фотается сидя на барханах в пустыне, эксплуатирует образ Нео из матрицы, весь такой одинокий и отрешенный от жизни волк.
Его братец, это техническая часть проекта, такой типаж не покажешь на публику, т.к. слишком гиковский, в плохом смысле этого слова.
Так вот, поскольку Паша это морда проекта, он и заливает всем в уши какой его продукт типа самый лучший, самый защищенный а все остальные дерьмо. Он отрабатывает свою роль. Возможно он и держит всех за дебилов, но только ту часть, кто в курсе про его типа "борьбу" с системой, отжим Вконтакте, уезд из страны, блокировки Телеграмма и прочее. Собственно только у такой части пользователей он и вызывает доверие, ну, типа если аж целое государство против его продукта, значит продукт годный.
На деле это фикция, пускание пыли в глаза. В плане защищенности и тем более приватности его продукт стоит на той же полке что и WhatsApp, чтобы Пашенька не пытался втереть. И есть теория со своими сторонниками, кто считает что вся эта его "борьба" с системой очень хорошо продуманный план, именно для популяризации мессенджера. Кто автор плана, думайте сами.
Основная его ЦА пользователи из стран СНГ. ЗА пределами этой территории Телега мало известна и используется в меньшинстве. В Европе царствует WhatsApp, в штатах эппловский и фейсбуковский Messenger-ы, в азиатских странах там какие-то свои (Line кажется), всех остальных его борьба не волнует.
Руководить != работать и понимать.
В публичном сервисе вряд ли нужно искать секурность. Хотите её - свой жаббер или рокет разворачивайте.
Вот ещё годное сравнение мессенджеров:
https://docs.google.com/spreadsheets/d/1-UlA4-tslROBDS9IqHalWVztqZo7uxlCeKPQ-8uoFOU/htmlview