Path: csiph.com!weretis.net!feeder8.news.weretis.net!reader5.news.weretis.net!news.solani.org!.POSTED!not-for-mail From: Richmond Newsgroups: comp.mobile.android Subject: Re: whatsapp interoperability Date: Wed, 11 Sep 2024 20:41:29 +0100 Organization: Frantic Message-ID: <86v7z2kmfq.fsf@example.com> References: <86ttemlcml.fsf@example.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Injection-Info: solani.org; logging-data="135998"; mail-complaints-to="abuse@news.solani.org" User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) Cancel-Lock: sha1:B1bRn8psy8Y2+5UkPTZ1KY1WspY= sha1:pFhFc8Xx+HBMeAL8Er6fTL1sAow= X-User-ID: eJwFwYEBwCAIA7CXRCiVc1Ym/59gAk/LZiQyMBgPX6rtPNpWK/QPP9zO03NLFU3SpKhsw+YDDocQsQ== Xref: csiph.com comp.mobile.android:143353 Jörg Lorenz writes: > On 11.09.24 18:13, s|b wrote: >> On Wed, 11 Sep 2024 11:15:46 +0100, Richmond wrote: >> >>> Whatsapp uses the Signal protocol. How did they make open source >>> into closed source? "The Signal Protocol is licensed under the GNU >>> Affero General Public License (AGPLv3). This license requires that >>> the complete source code of the licensed work and any modifications >>> be made available under the same license." >> >> I don't know the details, but someone explained it like this: >> >> A Signal user sends a message to a WA user. The encryption is: >> >> aZ*2 >> >> When it reaches the servers at WA something gets added: >> >> aZ*2[Vy*3] >> >> This way data could be gathered by Meta. Meta doesn't give access to >> Signal to check if something like this doesn't happen. >> >> I don't know if I'm explaining correctly, but if Signal doesn't want >> to cooperate they must have a damn good reason. > > No: Signal has absolutely no intention to break their encryption which > is a condition for interoperability. Would Signal do that I would drop > it immediately. Signal uses an end-to-end-encryption which WA does not > really. Alternative suppliers like Signal, Threema, iMsg or Telegram > would commit immediate suicide if they would follow that route. How do you know android isn't stealing your data?