Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Whatsapp, a Trojan horse for seekers of easy privacy?

carlo von lynX lynX at time.to.get.psyced.org
Thu Jan 15 09:29:33 PST 2015


On Thu, Jan 15, 2015 at 08:49:31AM -0800, Steve Weis wrote:
> Note you said "users will never know" if e2e is being used, but as Moxie
> says "we'll be surfacing this into the UI" of upgraded clients.

There is a systemic legal problem by which neither Facebook, nor
Whatsapp, nor Textsecure nor Moxie are in a position to guarantee
that whatever is surfaced into the UI actually means what it says.

Still, as long as these systems are operating from U.S. American 
ground, the current legal situation is such that the President of 
the U.S.  has under the U.S. Constitution the sole and final power 
of deciding whether companies and individuals in these companies 
get to implement anything they would like to implement, or not. [1]
And the services we have been hearing about a lot operate under 
direct executive mandate of the POTUS.

So, I again express respect to Moxie and everyone involved for
trying to improve the lives of everyday users, but I see a terrible
risk in promoting any such technology considering the NSA's track
record on making use of its given privileges. The chances this is
actually happening can only be considered minimal.

It would take millions of people running independenlty built
clients from source code, and a credible procedure thereof - only
then would a hindrance for the NSA exist to exercise its privileges.

As we are by now familiar with its inner workings and strategies,
the agency will intervene in the process early enough to impede
anything like this from happening.

Prove me wrong. Give us a way to reproduce the exact client millions
of humans are relying on, from source code. And make that information
arise to the UI surface. Then we will know that Whatsapp and TextSecure
are doing the right thing, and we will have to continue worrying about
Google and Apple (the NSA may choose to pick up the TextSecure ratchets
or private keys via Android/iOS backdoors).


[1] Caspar Bowden, 31c3, http://cdn.media.ccc.de/congress/2014/webm-sd/31c3-6195-en-The_Cloud_Conspiracy_2008-2014_webm-sd.webm.torrent

-- 
	    http://youbroketheinternet.org
 ircs://psyced.org/youbroketheinternet



More information about the liberationtech mailing list