undefined | Better HN

0 pointsgruez3y ago0 comments

>They just decrypt analysis and reencypt and forward. Since communication is not peer to peer and goes via FB the key exchange is prob with Facebook not the users.

Do you have any evidence for this, or is this your "better safe than sorry" assumption for every e2e messenger that doesn't allow you to verify keys?

0 comments

philliphaydon3y ago

After FB bought WhatsApp I’ve had multiple occasions where shortly after having conversations with people about products I haven’t searched for. The only place I’ve discussed it. Is in a whats app conversation. I got advertising in Facebook for those products.

For example when looking for an apartment I told my agent (non business account) that I wanted safety catches on the windows. I immediately got advertising for safety catches and window gates.

I don’t own cats but in a conversation with a friend who owns cats I said she should get one of those cat tree things and scratch poles. Right away Facebook starts showing me adverts for cat toys.

This is not stuff I’ve searched or googled or anything. Just mentioned in WhatsApp. Maybe WhatsApp whats differently in America but in Singapore I get advertising in Facebook from conversations.

gruezOP3y ago

That's... not really good evidence. Your story sounds almost identical to the "facebook/google is eavesdropping on me" stories that frequently make the rounds on popular discourse. Unfortunately, that's basically the Sasquatch of the privacy world (ie. there are many people with anecdotes claiming it exists, but very little in the way of actual evidence like network captures or decompiled binaries). If anything, it's worse than Sasquatch because at least with Sasquatch you could claim that there aren't many of them and/or they're actively avoiding humans so they're hard to photograph, but the "facebook/google is eavesdropping on me" stories implies it's happening to everyone so capturing an instance should only be a matter of technical skill rather than luck.

philliphaydon3y ago

Can you explain why advertising shows only in facebook, for keywords only used inside an apparently private conversation?

Unless WhatsApp is audited completely, not just looking at some source code but also how all information passes through facebook and back to a receiver. Then we can only assume the e2ee is just marketing fluff and not something that is done in favour of privacy.

1 more reply

scrollaway3y ago

None of this is evidence of decryption.

At best it’s circumstantial anecdotes pointing to Facebook extracting topic metadata out of your convos. This can be done clientside, no decryption necessary. (And it’s easy to prove that it’s being done if that’s the case)

klyrs3y ago

E2EE plus arbitrarily invasive clent-side sniffing/reporting should not be considered "E2EE" by any means. Even if reports to the mothership are strongly encrypted (at which point it becomes harder to determine what's in the reports).

1 more reply

kaba03y ago

The person you talked about may have searched for the term, and knowing that you are friends facebook can easily assume that you would be also interested in this thing. It may also operate based on metadata of you have talked recently.

j / k navigate · click thread line to collapse

0 comments

philliphaydon3y ago

For example when looking for an apartment I told my agent (non business account) that I wanted safety catches on the windows. I immediately got advertising for safety catches and window gates.

I don’t own cats but in a conversation with a friend who owns cats I said she should get one of those cat tree things and scratch poles. Right away Facebook starts showing me adverts for cat toys.

This is not stuff I’ve searched or googled or anything. Just mentioned in WhatsApp. Maybe WhatsApp whats differently in America but in Singapore I get advertising in Facebook from conversations.

gruezOP3y ago

philliphaydon3y ago

Can you explain why advertising shows only in facebook, for keywords only used inside an apparently private conversation?

1 more reply

scrollaway3y ago

None of this is evidence of decryption.

klyrs3y ago

1 more reply

kaba03y ago

j / k navigate · click thread line to collapse