It’s closed as fuck source. They went as far as sending cease and desists to third party client developers.
It’s tied down to phone number and shares it with everyone you talk to
It’s bolted down to gdrive
Only boomers use it to send trashy GIFs to each other
That’s about all I have, but I’ve never actually used it. Maybe someone else could chime in with more reasons, but for me those are already enough to stay away from it as far as possible.
In Russia, too. When I need them I just call them and pretend to be ultra-Z-patriot and do my best to be extra annoying while complaining about them using an illegal app made by a designated extremist organization. Works well enough for them to at least offer another option.
Last point isn’t true unfortunately. My late 20s to mid 30s coworkers use it almost exclusively, as well as most of my customers, and even some businesses (AirBnB, airlines)
The same reason as… say, you can’t say Gran Turismo works on PC, even though its compatible with PlayStation’s remote play.
And I don’t buy the E2EE argument. It’s not impossible to have multiple “ends” on each side e2e. Heck, they’ve done it themselves… In 2022. Given their track record, I’d suspect they’re just doing something shady in the app and are being overly protective because of it.
But we’re not seeing some screen sharing of the android app. We’re seeing a completely separate web app, running in the browser. The only difference is from where it is syncing its messages. It’s a real web app.
And it works this way because chats are only stored on a single “main” device. Then they sync to connected peripheral clients as needed. I think that’s a good thing, to be honest. I don’t see that as a negative thing. It’s not stored on any server (I assume(?), due to the current behavior), which is nice.
But we’re not seeing some screen sharing of the android app
We’re getting into weeds and details of what is remote and approaching the grey line of question of ownership in online software, services and games. Fact of the matter is, thing didn’t work without a phone for 13 years. Or if a phone is not Android or iOS. Or if a phone is dead. Or if you left your phone at car or at home. Or if a phone has broken camera. Or if it’s out of service. Or if the app has been killed by power or memory optimizer. Or so on and so forth, which is already a terrible UX worthy of criticism.
It’s not stored on any server
It is stored as an encrypted blob on your gdrive. It asks you about it on every login. Otherwise, how would you recover your chat history if you lost or changed your phone.
Locking the data onto one device is actually worse in terms of security. Assume someone stole your phone or just found it after you lost it. Additionally, assume that screenlock has been bypassed - most Android devices are very bad in this regard. Now the other person has access to your messenger and you can’t even kick them out. Not until you go to the carrier and do the whole recovery rigamarole, and get a replacement phone, assuming you don’t actively carry a spare one with an active session with you.
[…] Or so on and so forth, which is already a terrible UX worthy of criticism.
I mean… You get what you get with the provided infrastructure. If you want decentralized storage, this is what you get. I think it’s a good thing. The UX is fine from my perspective. I’m not using WhatsApp for sensitive data or conversations that I need to save indefinitely. So for that purpose, it’s good enough, UX wise. I use the web app all the time, too.
It’s not stored on any server
It is stored as an encrypted blob on your gdrive. It asks you about it on every login. Otherwise, how would you recover your chat history if you lost or changed your phone.
That’s different. That’s not what I mean by your messages being “stored on a server”. What you’re talking about is an incremental backup sync. It’s not where messages are fetched when you receive messages while chatting. Not to mention it’s entirely optional last time I checked. I have it disabled and it doesn’t nag me about it. 🤷♂️
The whole security aspect is surely an issue regardless of app, if the perpetrator is looking to steal your data rather than your hardware. If they have your phone, and bypass the lock screen, then they have your 2FA app and everything. You’re fucked regardless of app.
That’s different. That’s not what I mean by your messages being “stored on a server”. What you’re talking about is an incremental backup sync. It’s not where messages are fetched when you receive messages while chatting. Not to mention it’s entirely optional last time I checked. I have it disabled and it doesn’t nag me about it. 🤷♂️
This “incremental backup” is literally the same thing that’s sitting on your phone and from where the messages are read from and where new messages are appended to. So it’s technically is being read from there, e.g. if you receive a message, uninstall whatsapp before opening reading it, re-install and restore from backup, you’ve technically got a message from google’s server. Secure messengers are not space magic, it’s just a database, probably even just JSON file encrypted with some homebrewn public key crypto derived from a seed phrase. The only difference between WA and other messengers is that Facebook is for some reason very adamant about keeping it at your phone, and also shifts the burden of storing messages to google rather than themselves for some reason.
The whole security aspect is surely an issue regardless of app, if the perpetrator is looking to steal your data rather than your hardware. If they have your phone, and bypass the lock screen, then they have your 2FA app and everything. You’re fucked regardless of app.
Nope. I can literally hand you my unlocked phone and you wouldn’t be able to do anything malicious with it because everything is behind passwords, passkeys, and fingerprint verifications. Last one, not a big fan of, but it’s the only option for some of the apps. You can try some advanced techniques like memory dumping and scavenging keys from there, but if you’re too slow and/or I get to any other device first (even not mine), then there wouldn’t be anything to recover from it at all.
It freaking does. I want to use good apps, but I can’t use good apps. In fact, the only people I am able to convince are my fiancee and my one friend, both female, both tech illiterates (boy let me tell you).
It’s kind of funny. They’re buying the fact that big tech is “spying”/collecting data on us more than my more tech-savvy (male) friends. Or at least, it matters more to my less techy peers, it seems. Maybe my male friends have too much pride, and/or are too lazy to switch? Idfk.
Always talking about “I don’t want another app”. Bitch all we do is just press notifications anyway. Who cares which app it takes us to if you don’t care about privacy. I’m the one who cares, humor me! 🥲
It’s Facebook
It didn’t work on PC until very recently
It’s closed as fuck source. They went as far as sending cease and desists to third party client developers.
It’s tied down to phone number and shares it with everyone you talk to
It’s bolted down to gdrive
Only boomers use it to send trashy GIFs to each other
That’s about all I have, but I’ve never actually used it. Maybe someone else could chime in with more reasons, but for me those are already enough to stay away from it as far as possible.
And then you get to Europe and notice that it’s used by literally everyone… :)
In Russia, too. When I need them I just call them and pretend to be ultra-Z-patriot and do my best to be extra annoying while complaining about them using an illegal app made by a designated extremist organization. Works well enough for them to at least offer another option.
South America, too.
Last point isn’t true unfortunately. My late 20s to mid 30s coworkers use it almost exclusively, as well as most of my customers, and even some businesses (AirBnB, airlines)
Wrong. It had an official webapp since forever.
Wrong. The webapp was (still is?) just a glorified remote to a phone app, and would cease to function if you turn off the phone.
… because chats are E2E encrypted. It still has a web app. Why wouldn’t it count?
The same reason as… say, you can’t say Gran Turismo works on PC, even though its compatible with PlayStation’s remote play.
And I don’t buy the E2EE argument. It’s not impossible to have multiple “ends” on each side e2e. Heck, they’ve done it themselves… In 2022. Given their track record, I’d suspect they’re just doing something shady in the app and are being overly protective because of it.
deleted by creator
But we’re not seeing some screen sharing of the android app. We’re seeing a completely separate web app, running in the browser. The only difference is from where it is syncing its messages. It’s a real web app.
And it works this way because chats are only stored on a single “main” device. Then they sync to connected peripheral clients as needed. I think that’s a good thing, to be honest. I don’t see that as a negative thing. It’s not stored on any server (I assume(?), due to the current behavior), which is nice.
We’re getting into weeds and details of what is remote and approaching the grey line of question of ownership in online software, services and games. Fact of the matter is, thing didn’t work without a phone for 13 years. Or if a phone is not Android or iOS. Or if a phone is dead. Or if you left your phone at car or at home. Or if a phone has broken camera. Or if it’s out of service. Or if the app has been killed by power or memory optimizer. Or so on and so forth, which is already a terrible UX worthy of criticism.
It is stored as an encrypted blob on your gdrive. It asks you about it on every login. Otherwise, how would you recover your chat history if you lost or changed your phone.
Locking the data onto one device is actually worse in terms of security. Assume someone stole your phone or just found it after you lost it. Additionally, assume that screenlock has been bypassed - most Android devices are very bad in this regard. Now the other person has access to your messenger and you can’t even kick them out. Not until you go to the carrier and do the whole recovery rigamarole, and get a replacement phone, assuming you don’t actively carry a spare one with an active session with you.
I mean… You get what you get with the provided infrastructure. If you want decentralized storage, this is what you get. I think it’s a good thing. The UX is fine from my perspective. I’m not using WhatsApp for sensitive data or conversations that I need to save indefinitely. So for that purpose, it’s good enough, UX wise. I use the web app all the time, too.
That’s different. That’s not what I mean by your messages being “stored on a server”. What you’re talking about is an incremental backup sync. It’s not where messages are fetched when you receive messages while chatting. Not to mention it’s entirely optional last time I checked. I have it disabled and it doesn’t nag me about it. 🤷♂️
The whole security aspect is surely an issue regardless of app, if the perpetrator is looking to steal your data rather than your hardware. If they have your phone, and bypass the lock screen, then they have your 2FA app and everything. You’re fucked regardless of app.
This “incremental backup” is literally the same thing that’s sitting on your phone and from where the messages are read from and where new messages are appended to. So it’s technically is being read from there, e.g. if you receive a message, uninstall whatsapp before opening reading it, re-install and restore from backup, you’ve technically got a message from google’s server. Secure messengers are not space magic, it’s just a database, probably even just JSON file encrypted with some homebrewn public key crypto derived from a seed phrase. The only difference between WA and other messengers is that Facebook is for some reason very adamant about keeping it at your phone, and also shifts the burden of storing messages to google rather than themselves for some reason.
Nope. I can literally hand you my unlocked phone and you wouldn’t be able to do anything malicious with it because everything is behind passwords, passkeys, and fingerprint verifications. Last one, not a big fan of, but it’s the only option for some of the apps. You can try some advanced techniques like memory dumping and scavenging keys from there, but if you’re too slow and/or I get to any other device first (even not mine), then there wouldn’t be anything to recover from it at all.
I got my family’s chat onto signal as neither I nor my partner have Facebook accounts and they were using messenger
I deleted my old Facebook account to bring that situation about, though
Good for you. I wish my friends cared enough about privacy. I need more tech bro friends I guess.
Mine aren’t techy. I have them a problem and a solution, they accepted it
That’s the thing. My friends don’t care about the problem. It’s not important enough. 😭
Well that sucks
It freaking does. I want to use good apps, but I can’t use good apps. In fact, the only people I am able to convince are my fiancee and my one friend, both female, both tech illiterates (boy let me tell you).
It’s kind of funny. They’re buying the fact that big tech is “spying”/collecting data on us more than my more tech-savvy (male) friends. Or at least, it matters more to my less techy peers, it seems. Maybe my male friends have too much pride, and/or are too lazy to switch? Idfk.
Always talking about “I don’t want another app”. Bitch all we do is just press notifications anyway. Who cares which app it takes us to if you don’t care about privacy. I’m the one who cares, humor me! 🥲