Schlagwort-Archive: Whatsapp

Is it time to leave WhatsApp – and is Signal the answer!

 

The Facebook-owned messaging service has been hit by a global backlash over privacy. Many users are migrating to Signal or Telegram. Should you join them?

Whatsapp, Signal and Telegram app icons  on a smartphone screen
WhatsApp, Signal and Telegram: three leading choices for messaging services. Photograph: Rafael Henrique/Sopa Images/RexShutterstock
 

Earlier this month, WhatsApp issued a new privacy policy along with an ultimatum: accept these new terms, or delete WhatsApp from your smartphone. But the new privacy policy wasn’t particularly clear, and it was widely misinterpreted to mean WhatsApp would be sharing more sensitive personal data with its parent company Facebook. Unsurprisingly, it prompted a fierce backlash, with many users threatening to stop using the service.

WhatsApp soon issued a clarification, explaining that the new policy only affects the way users’ accounts interact with businesses (ie not with their friends) and does not mandate any new data collection. The messaging app also delayed the introduction of the policy by three months. Crucially, WhatsApp said, the new policy doesn’t affect the content of your chats, which remain protected by end-to-end encryption – the “gold standard” of security that means no one can view the content of messages, even WhatsApp, Facebook, or the authorities.

 

But the damage had already been done. The bungled communication attempts have raised awareness that WhatsApp does collect a lot of data, and some of this could be shared with Facebook. The BBC reported that Signal was downloaded 246,000 times worldwide in the week before WhatsApp announced the change on 4 January, and 8.8m times the week after.

WhatsApp does share some data with Facebook, including phone numbers and profile name, but this has been happening for years. WhatsApp has stated that in the UK and EU the update does not share further data with Facebook – because of strict privacy regulation, known as the general update to data protection regulation (GDPR). The messaging app doesn’t gather the content of your chats, but it does collect the metadata attached to them – such as the sender, the time a message was sent and who it was sent to. This can be shared with “Facebook companies”.

Facebook’s highly criticised data collection ethos has eroded trust in the social network. Its practices can put vulnerable people at risk, says Emily Overton, a data protection expert and managing director of RMGirl. She cites the example of Facebook’s “people you may know” algorithm exposing sex workers’ real names to their clients – despite both parties taking care to set up fake identities. “The more data they profile, the more they put people in vulnerable positions at risk.”

And the social network isn’t known for keeping promises. When Facebook bought WhatsApp in 2014, it pledged to keep the two services separate. Yet only a few years later, Facebook announced aims to integrate the messaging systems of Facebook, Instagram and WhatsApp. This appears to have stalled owing to technical and regulatory difficulties around encryption, but it’s still the long-term plan.


Why are people choosing Signal over Telegram?

Signal, a secure messaging app recommended by authorities such as the Electronic Frontier Foundation and Edward Snowden, has been the main beneficiary of the WhatsApp exodus. Another messaging app, Telegram, has also experienced an uptick in downloads, but Signal has been topping the charts on the Apple and Android app stores.

Signal benefits from being the most similar to WhatsApp in terms of features, while Telegram has had problems as a secure and private messaging app, with its live location feature recently coming under fire for privacy infringements. Crucially, Telegram is not end-to-end encrypted by default, instead storing your data in the cloud. Signal is end-to-end encrypted, collects less data than Telegram and stores messages on your device rather than in the cloud.


Does Signal have all the features I am used to and why is it more private?

Yes, Signal has most of the features you are used to on WhatsApp, such as stickers and emojis. You can set up and name groups, and it’s easy to send a message: just bring up the pen sign in the right-hand corner.

Signal has a desktop app, and you can voice and video chat with up to eight people. Like WhatsApp, Signal uses your phone number as your identity, something that has concerned some privacy and security advocates. However, the company has introduced pin codes in the hope of moving to a more secure and private way of identifying users in the future.

As well as being end-to-end encrypted, both WhatsApp and Signal have a “disappearing messages” feature for additional privacy. The major difference is how each app is funded. WhatsApp is owned by Facebook, whose business model is based on advertising. Signal is privacy focused and has no desire to analyse, share or profit from users’ private information, says Jake Moore, cybersecurity specialist at ESET.

Signal is supported by the non-profit Signal Foundation, set up in 2018 by WhatsApp founder Brian Acton and security researcher (and Signal Messenger CEO) Moxie Marlinspike, who created an encryption protocol that is used by several messaging services, including WhatsApp and Skype as well as Signal itself. Acton, who left Facebook in 2017 after expressing concerns over how the company operated, donated an initial $50m to Signal, and the open-source app is now funded by the community. Essentially that means developers across the world will continually work on it and fix security issues as part of a collaborative effort, making the app arguably more secure.

But there are concerns over whether Signal can maintain this free model as its user base increases to the tens, or potentially in the future, hundreds of millions. Signal is adamant it can continue to offer its service for free. “As a non-profit, we simply need to break even,” says Aruna Harder, the app’s COO.

Signal is exclusively supported by grants and donations, says Acton. “We believe that millions of people value privacy enough to sustain it, and we’re here to demonstrate that there is an alternative to the ad-based business models that exploit user privacy.”


I want to move to Signal. How do you persuade WhatsApp groups to switch?

The momentum away from WhatsApp does appear to be building, and you may find more of your friends have switched to Signal already. But persuading a larger contact group can be more challenging.

Overton has been using Signal for several years and says all her regular contacts use the app. “Even when dating online, I ask the person I want to go on a date with to download Signal, or they don’t get my number.”

Some Signal advocates have already begun to migrate their groups over from WhatsApp. Jim Creese, a security expert, is moving a neighbourhood text group of 100 people to Signal. He is starting with a smaller sub-group of 20, some of whom struggle with technology. Creese says most are ambivalent about switching “as long as the new method isn’t more difficult”.

He advises anyone who’s moving groups across apps to focus on the “why” first. “Explain the reasons for the change, how it is likely to affect them, and the benefits. Don’t rush the process. While WhatsApp might not be where you want to be today, there’s no emergency requiring an immediate move.”

Moore thinks the shift away from WhatsApp will continue to gain momentum, but he says it will take time to move everyone across. Until then, it’s likely you will need to keep both WhatsApp and Signal on your phone.

Moore is in the process of moving a family chat to Signal, for the second time. “When I originally tried, one family member didn’t understand my concerns and thought I was being overcautious.

“However, the recent news has helped him understand the potential issues and why moving isn’t such a bad idea. The next hurdle will be getting my mother to download a new app and use it for the first time without me physically assisting her.”

Source: https://www.theguardian.com/technology/2021/jan/24/is-it-time-to-leave-whatsapp-and-is-signal-the-answer

The Messenger Alternatives

Some use the internet, some function without servers, some are paid and others are free, but all these apps claim to have one thing in common—respect for user privacy

alternate apps_bgImage: Jaap Arriens/NurPhoto via Getty Images

Ever since WhatsApp announced an update in its privacy policy, thousands of people rushed to download messenger alternatives such as Signal and Telegram. While these two have been in the news for their security features that are tighter than the messaging giant’s, there are other applications that have been around, used for both facilitating consumer-to-consumer messaging and within enterprises for their internal communication.While some of these alternative apps need the internet, others don’t. Some function without servers with peer-to-peer technology, and are on a subscription model, while others are free to use. But they all claim to have one thing in common–respect for users’ privacy.

Although security and privacy-related technologies are constantly evolving making it difficult to lay down a clear benchmark for which app is completely secure, there are a few things users should be aware of to ensure their privacy is not compromised, say technology and privacy experts.First, says Divij Joshi, technology policy fellow at Mozilla Foundation, a global non-profit, “It’s definitely important to have a communications protocol based on end-to-end encryption.”End-to-end encryption refers to a system of communication wherein only the sender and receiver can read the messages and see the content shared.However, Joseph Aloysius, a Singapore-based student researcher in surveillance studies, says, “Even with encryption it is important that it is device-based end-to-end encryption, and not cloud-based. In addition, the encryption setting should be a default setting, not optional as seen in Telegram.”Another point to keep in mind is to ensure that technologies collect as little metadata–information not related to the message content but things like quantum or location of messages–as possible, adds Joshi.Second, they should be open source and left open for public auditing. “Ideally, it’s best if companies leave the server code open as Signal has done,” says Aloysius.Both Joshi and Aloysius are of the view that it is also necessary to ensure that the corporate practices of the application are clear and fair. “For instance, terms of use, the privacy policy, so they can’t alter the technology or data collection practices arbitrarily,” says Joshi.Although there has been an uproar about the latest changes to the privacy policy, WhatsApp continues to remain popular primarily due to its ease of use and convenience, say experts. “For some, it may also be a cost concern. There may also be a false sense of security since nothing apparent has gone wrong and there have been no consequences to date for them using the app for business purposes,” explains Heidi Shey, principal analyst, security and risk, Forrester.However, if you are a user who is concerned about privacy, here is a lowdown on alternatives to WhatsApp and the features they offer.Wickr

wickr

The San Francisco-based app, founded in 2012, is used by some of the biggest players in the federal space including the U.S. Department of Defense. It has also been validated by the National Security Agency as the, “most secure collaboration tool in the world,” says co-founder and CTO of Wickr, Chris Howell. He adds, “Our government and enterprise customers choose Wickr because we have the most secure, end-to-end encrypted platform on the market that enables sensitive mission and business communications without compromising compliance.”Wickr’s largest user base is in the US, followed by Europe, India and Australia, but it has seen an uptick in both their consumer and commercial platforms ever since WhatsApp announced plans to update its privacy policy, says Howell.While the app can be deployed by organisations in highly regulated industries such as banking, energy, healthcare and the federal government, one of its versions, Wickr Me, is more suitable for one-on-one conversations with family and friends. Wickr cannot identify owners because it doesn’t have access to any personal information. The data is encrypted and not accessible to the company. All the messages are stored on the user’s device and for a brief period on Wickr’s servers, but get deleted upon delivery. Since messages are end-to-end encrypted, even when messages are on the server, they are not available to the company.With Wickr Me, users can share files, photos, videos and voice messages, and also do video and audio conferencing. The messages are ephemeral, meaning they only exist for a limited amount of time and get permanently deleted from the sending as well as the receiving device after a while. Therefore, if the recipient doesn’t check Wickr frequently, the messages may never get delivered. “Wickr’s security architecture and proprietary encryption methodology is designed to ensure that only users can gain access to their message content. Users’ content is encrypted locally on their device and is accessible only to intended recipients,” explains Howell.Jami

jami

An open-source service, Jami doesn’t store users’ personal information on a central server, guaranteeing users full anonymity and privacy. Around since 2013, Christophe Villemer, advocacy vice-president of the Canada-based messenger app, says, “We really are a newcomer in the market, we estimate there are around 100,000 users around the globe but our community is growing every day.” He says Jami is peer-to-peer, which means it doesn’t require a server for relaying data between users. Therefore, users don’t have to worry about a third party conserving their video or data on its servers. With features such as HD video calling, instant and voice messaging, and file sharing, the service is free to use. All the connections are end-to-end encrypted. “At Jami, we think that privacy is a primary right on the internet. Everybody should be free not to give their data to corporations to benefit from an essential service on the internet,” says Villemer. “Also, we think that our solution, as it’s peer-to-peer, is globally better for the environment because it does not rely on huge server farms or data-centers,” he adds. Users of the service have no restrictions in terms of the size of the files they share, nor speed, bandwidth, features, number of accounts or storage. In addition, if users are on the same local network, they can communicate using Jami even if they are disconnected from the internet. “There will never be advertising on Jami,” says Villemer.Briar

briar

Briar Messenger is a not-for-profit organisation that started off as a project by Michael Rogers in an attempt to support freedom of expression, freedom of association, and the right to privacy. In India, Briar is extremely popular in Kashmir. Reason? It can work without the internet via Wi-Fi or Bluetooth. Launched in 2018, this application uses direct, encrypted connections to prevent surveillance and censorship. Briar allows users to form private groups (with one admin that can invite others), write blogs, and also create public discussion forums. The application doesn’t rely on central servers and sends across messages without leaking metadata.Torsten Grote, senior developer, Briar Messenger, says, “Briar is for users who have higher security requirements such as not wanting to reveal who their contacts are (think journalist and source) or for users who need to keep the communication going when the internet is not available, be it because of natural disasters or deliberate shutdowns.” So far, Briar has around 200,000 downloads on Google Play and around 100,000 downloads from their website. The application is also available on F-Droid and other independent stores, which don’t track downloads. However, “thanks to the WhatsApp policy change,” says Grote, “we are seeing 7x the usual number of downloads.”Threema

threema

In 2012, three young software developers from Switzerland decided to create a secure instant messenger that would prevent the misuse of user data by companies and surveillance by governments. After Facebook bought WhatsApp in early 2014, the number of users climbed to 2 million in just a few weeks. “In Threema, all communication is protected in the best possible way by end-to-end encryption. Since Threema is open source, users can independently verify that Threema doesn’t have access to any user data that could be handed over to third parties,” says Roman Flepp, head of marketing and sales, Threema.One of Threema’s guiding principles is “metadata restraint”, which means if there is no data, no data can be misused, either by corporations, hackers or surveillance authorities. Currently, the messenger has over 9 million users. In the light of the recent WhatsApp privacy issue, Flepp claims the daily download numbers have increased significantly, by a factor of 10. This growth has been consistently high since the policy change was announced. He adds, “This whole controversy could be a game changer. Now more and more people are looking around for a more private and secure messaging solution.”The application can be used not only by individual users, but also businesses. Threema has various business solutions such as Threema Work and Threema Education. “Especially in the business environment, it is crucial that a secure and privacy-compliant solution is used for work-related communication. We see a great demand, more than 5,000 companies are already using our business solution Threema Work,” says Flepp. Currently, the team is working on creating a multi-device solution that will allow users to use Threema on multiple devices.****While a bunch of these applications are great options for secure peer-to-peer messaging, it is not a very sustainable revenue model for most of these companies. Hence, a few of them have moved to offer enterprise solutions. “For business use, a consumer-focused messaging app [like WhatsApp] is insufficient because it isn’t designed with business requirements for security, privacy, and compliance in mind,” says Shey.Post the recent announcement about the policy changes, a lot of government organisations and companies banned the use of applications like WhatsApp on company-issued devices and for work. We take a look at some applications that offer paid messaging solutions to businesses.Wire

wire

Though the idea for Wire was conceived in 2012, the product was only launched in 2014 and initially for consumers. However, in 2017, the Germany-based company decided to focus mainly on enterprises. This was because, says Morten Brøgger, CEO of Wire, “We were against giants like Facebook, and consumers were not willing to understand the importance of privacy and pay for it.” This was also around the same time that the General Data Protection Regulation (EU GDPR) was coming up, and privacy was becoming a major concern for organisations. “Hence, we felt the solution we built would be extremely compelling to enterprise consumers,” he adds.Currently, Wire has close to 1,800 paid customers, which mainly include governments and large enterprises, whereas, for the general free solution, they have about half a million monthly active users. Most of their paid customers are in Germany, North America, Australia, the Middle East, and some European countries.Most of the traditional enterprise SaaS solutions have a few risk points, including “man in the middle vulnerability” since the cloud provider is in the middle, which means all the processing and storage happens on the cloud. The main weakness here is that the cloud provider can technically access the encryption key, which means the cloud provider can technically read and listen to all your content. However, Wire has a very different architecture, wherein there is no man in the middle. “All the data resides in the application on your device. There is some storage on the cloud, for bigger files, and these are secured with individual encryption keys. But the encryption keys only exist on the devices of our users, there’s no copy of the keys on the cloud,” Brøgger says.Another USP of this open-source application is that every time you send or receive a message—be it a text message, call, video conference or screen share—the encryption key updates, hence giving each individual message a unique encryption key. Says Brøgger, “We don’t know who the users are, what they are using it for and we barely collect any metadata, whatever little is collected to help synchronise different devices is also anonymised.”Currently, the company is going at 400 percent revenue growth year-on-year. “We saw a great spike in the paid clients at the beginning of the pandemic, and now [due to the WhatsApp privacy policy issue] since enterprises are becoming more aware of the importance of privacy.”Troop

troop_messenger

Troop Messenger was launched in mid-2018 as an internal messaging app for enterprises. “It is a home-grown, made in India, robust and a secured business messaging platform,” says CEO and founder Sudhir Naidu. A single platform, it enables internal teams to chat, make audio and video calls, convert them into conferencing, share screens, and create groups. It also features a self-destructible chat window to exchange secured information, and will shortly introduce an email client so users can both send e-mails and messages. “We have pledged that we would not sell any kind of user data to any third-party organisations. We assess and track all kinds of intrusions and attacks and follow the policy of honestly disclosing to clients if there is a breach which involves a threat to their data,” says Naidu. Additionally, Troop follows a stringent and comprehensive internal security framework and policy, in terms of development, testing and release.Besides Indian enterprises, Troop Messenger has been seeing good traction from the US, UK and the Middle East, informs Naidu. “We see three times the usual daily registrations for our platform, since the [WhatsApp] policy came out,” he says. “Businesses that were using WhatsApp before are actively looking out for much safer and business-oriented platforms such as ours,” he adds.Arattai

arattai

Zoho Corp, which has products like Zoho Mail and Zoho Business Suite, released a beta version of its messaging application Arattai, meaning chit-chat in Tamil, in the middle of the pandemic in 2020. “More than 70,000 users have already downloaded Arattai and we didn’t advertise at all,” says Praval Singh, VP, marketing at Zoho Corp. “The final application is close to being launched,” he adds. As a privately held company, Singh says, their focus is on user privacy. “We have retained that we’ve held that stance in many ways for our enterprise and business users. And we would like to take it forward with consumer applications as well. For example, we don’t use our own application or data of users to share with third parties, either as a monetisation strategy or for any other reason. So, data that sits on an application doesn’t go to a third party,” he says. In fact, they own their data centers. Therefore, they are not dependent on any third party or public clouds for storage. Spike

spike

Initially released in October 2018, Spike is a conversational and collaborative email application that turns legacy email into a synchronic chat-like experience, adding tasks, collaborative notes and multimedia to create a single feed for work.Instead of using another application, Spike turns an individual’s email address inbox into a hub for chatting with co-workers, friends, and family–as well as a place to work on documents, manage tasks, and share files. Unlike WhatsApp groups, says Dvir Ben-Aroya, co-founder and CEO of Spike, “Spike groups provide a real-time collaborative tool for businesses, without switching between separate team messenger apps.” The application promises to store minimum data to provide fast communication and ensure privacy. Currently, Spike has over 100,000 active teams using this application.“We’ve seen a drastic uptick in users after the WhatsApp announcement, but since we track minimal user data, we cannot access specific data or directly attribute these users’ behaviour with correlation to using WhatsApp,” he says. Its highest user base is in the US, Germany, the UK, and it is very popular in India, especially among students and educators.(With inputs from Namrata Sahoo)

Source: https://www.forbesindia.com/article/take-one-big-story-of-the-day/whatsalt-the-messenger-alternatives/65909/1

How Whatsapp spies on Your Messages – WhatsApp Retransmission Vulnerability

According to Tobias Boelter tobias@boelter.it

Download the Slides from Tobias here: Whatsapp Slides from Tobias Boelter

Setting: Three phones. Phone A is Alice’s phone. Phone B is Bob’s phone. Phone C is the attacker’s phone.

Alice starts by communication with bob and being a good human of course meets with Bob in person and they verify each other’s identities, i.e. that the key exchange was not compromised.

Remember, Alice encrypts her messages with the public key she has received from Bob. But this key is sent through the WhatsApp servers so she can not know for sure that it is actually Bob’s key. That’s why they use a secure channel (the physical channel) to verify this.

Now, Alice sends a message to Bob. And then another message. But this time this message does not get delivered. For example because Bob is offline, or the WhatsApp server just does not forward the message.

wa3

Now the attacker comes in. He registers Bob’s phone number with the WhatsApp server (by attacking the way to vulnerable GSM network, putting WhatsApp under pressure or by being WhatsApp itself).

Alice’s WhatsApp client will now automatically, without Alices‘ interaction, re-encrypt the second message with the attackers key and send it to the attacker, who receives it:

wa2

Only after the act, a warning is displayed to Alice (and also only if she explicitly chose to see warnings in here settings).

wa1

Conclusion

Proprietary closed-source crypto software is the wrong path. After all this – potentially mallicious code – handles all our decrypted messages. Next time the FBI will not ask Apple but WhatsApp to ship a version of their code that will send all decrypted messages directly to the FBI.

Signal is better

Signal is doing it right. Alice’s second message („Offline message“) was never sent to the attacker.

signal3 signal1 signal2

Signal is also open source and experimenting with reproducible builds. Have a look at it.

Update (May 31, 2016)

Facebook responded to my white-hat report

„[…] We were previously aware of the issue and might change it in the future, but for now it’s not something we’re actively working on changing.[…]“

https://tobi.rocks/2016/04/whats-app-retransmission-vulnerability/

Download the Presentation here: Whatsapp Slides from Tobias Boelter

Whatsapp spies on your encrypted messages

Exclusive: Privacy campaigners criticise WhatsApp vulnerability as a ‘huge threat to freedom of speech’ and warn it could be exploited by government agencies

Research shows that the company can read messages due to the way WhatsApp has implemented its end-to-end encryption protocol.
Research shows that WhatsApp can read messages due to the way the company has implemented its end-to-end encryption protocol. Photograph: Ritchie B Tongo/EPA

A security backdoor that can be used to allow Facebook and others to intercept and read encrypted messages has been found within its WhatsApp messaging service.

Facebook claims that no one can intercept WhatsApp messages, not even the company and its staff, ensuring privacy for its billion-plus users. But new research shows that the company could in fact read messages due to the way WhatsApphas implemented its end-to-end encryption protocol.

Privacy campaigners said the vulnerability is a “huge threat to freedom of speech” and warned it can be used by government agencies to snoop on users who believe their messages to be secure. WhatsApp has made privacy and security a primary selling point, and has become a go to communications tool of activists, dissidents and diplomats.

WhatsApp’s end-to-end encryption relies on the generation of unique security keys, using the acclaimed Signal protocol, developed by Open Whisper Systems, that are traded and verified between users to guarantee communications are secure and cannot be intercepted by a middleman. However, WhatsApp has the ability to force the generation of new encryption keys for offline users, unbeknown to the sender and recipient of the messages, and to make the sender re-encrypt messages with new keys and send them again for any messages that have not been marked as delivered.

The recipient is not made aware of this change in encryption, while the sender is only notified if they have opted-in to encryption warnings in settings, and only after the messages have been resent. This re-encryption and rebroadcasting effectively allows WhatsApp to intercept and read users’ messages.

The security backdoor was discovered by Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley. He told the Guardian: “If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys.”

The backdoor is not inherent to the Signal protocol. Open Whisper Systems’ messaging app, Signal, the app used and recommended by whistleblower Edward Snowden, does not suffer from the same vulnerability. If a recipient changes the security key while offline, for instance, a sent message will fail to be delivered and the sender will be notified of the change in security keys without automatically resending the message.

WhatsApp’s implementation automatically resends an undelivered message with a new key without warning the user in advance or giving them the ability to prevent it.

Boelter reported the backdoor vulnerability to Facebook in April 2016, but was told that Facebook was aware of the issue, that it was “expected behaviour” and wasn’t being actively worked on. The Guardian has verified the backdoor still exists.

The WhatsApp vulnerability calls into question the privacy of messages sent across the service used around the world, including by people living in oppressive regimes.
Pinterest
The WhatsApp vulnerability calls into question the privacy of messages sent across the service used around the world, including by people living in oppressive regimes. Photograph: Marcelo Sayão/EPA

Steffen Tor Jensen, head of information security and digital counter-surveillance at the European-Bahraini Organisation for Human Rights, verified Boelter’s findings. He said: “WhatsApp can effectively continue flipping the security keys when devices are offline and re-sending the message, without letting users know of the change till after it has been made, providing an extremely insecure platform.”

Boelter said: “[Some] might say that this vulnerability could only be abused to snoop on ‘single’ targeted messages, not entire conversations. This is not true if you consider that the WhatsApp server can just forward messages without sending the ‘message was received by recipient’ notification (or the double tick), which users might not notice. Using the retransmission vulnerability, the WhatsApp server can then later get a transcript of the whole conversation, not just a single message.”

The vulnerability calls into question the privacy of messages sent across the service, which is used around the world, including by people living in oppressive regimes.

Professor Kirstie Ball, co-director and founder of the Centre for Research into Information, Surveillance and Privacy, called the existence of a backdoor within WhatsApp’s encryption “a gold mine for security agencies” and “a huge betrayal of user trust”. She added: “It is a huge threat to freedom of speech, for it to be able to look at what you’re saying if it wants to. Consumers will say, I’ve got nothing to hide, but you don’t know what information is looked for and what connections are being made.”

In the UK, the recently passed Investigatory Powers Act allows the government to intercept bulk data of users held by private companies, without suspicion of criminal activity, similar to the activity of the US National Security Agency uncovered by the Snowden revelations. The government also has the power to force companies to “maintain technical capabilities” that allow data collection through hacking and interception, and requires companies to remove “electronic protection” from data. Intentional or not, WhatsApp’s backdoor to the end-to-end encryption could be used in such a way to facilitate government interception.

Jim Killock, executive director of Open Rights Group, said: “If companies claim to offer end-to-end encryption, they should come clean if it is found to be compromised – whether through deliberately installed backdoors or security flaws. In the UK, the Investigatory Powers Act means that technical capability notices could be used to compel companies to introduce flaws – which could leave people’s data vulnerable.”

A WhatsApp spokesperson told the Guardian: “Over 1 billion people use WhatsApp today because it is simple, fast, reliable and secure. At WhatsApp, we’ve always believed that people’s conversations should be secure and private. Last year, we gave all our users a better level of security by making every message, photo, video, file and call end-to-end encrypted by default. As we introduce features like end-to-end encryption, we focus on keeping the product simple and take into consideration how it’s used every day around the world.

“In WhatsApp’s implementation of the Signal protocol, we have a “Show Security Notifications” setting (option under Settings > Account > Security) that notifies you when a contact’s security code has changed. We know the most common reasons this happens are because someone has switched phones or reinstalled WhatsApp. This is because in many parts of the world, people frequently change devices and Sim cards. In these situations, we want to make sure people’s messages are delivered, not lost in transit.”

Asked to comment specifically on whether Facebook/WhatApps had accessed users’ messages and whether it had done so at the request of government agencies or other third parties, it directed the Guardian to its site that details aggregate data on government requests by country.

Concerns over the privacy of WhatsApp users has been repeatedly highlighted since Facebook acquired the company for $22bn in 2014. In August 2015, Facebook announced a change to the privacy policy governing WhatsApp that allowed the social network to merge data from WhatsApp users and Facebook, including phone numbers and app usage, for advertising and development purposes.

Facebook halted the use of the shared user data for advertising purposes in November after pressure from the pan-European data protection agency groupArticle 29 Working Party in October. The European commission then filed charges against Facebook for providing “misleading” information in the run-up to the social network’s acquisition of messaging service WhatsApp, following its data-sharing change.

https://www.theguardian.com/technology/2017/jan/13/whatsapp-backdoor-allows-snooping-on-encrypted-messages

Facebook Messenger On Android Hits 1 Billion Downloads

Only two companies have apps with over 1 billion Google Play downloads, and the other is Google. Today Facebook proved just how big a business replacing SMS can be, as its leader David Marcus announced Messenger has now been downloaded over 1 billion times on Android. It joins Facebook and WhatsApp, and Google’s Gmail, YouTube, Search, and Maps in this very exclusive club.

Messenger’s strategy of layering modern mobile sharing features over a speedy texting app has paid off, and it looks like Facebook’s just getting started. With VOIP, video calling, stickers, voice clips, peer-to-peer payments, location, and a whole platform of third-party content creation apps, Messenger wants to own every way you communicate. And it partially is for well over 600 million users.

11406840_10155749985835195_5645524173167231589_n

Combined with WhatsApp’s streamlined SMS alternative, Facebook controls messaging in a way that deeply insulates it from disruption. Snapchat and Yik Yak might steal a few users from its social network feed, but Facebook’s already focusing on the next fundamental communication utility.

In fact, Facebook has been subtly baking Messenger munch deeper into its product.

When you graph search for people, like friends who like a certain band, Facebook shortcuts you to ping them on Messenger, not visit their profile. When it’s a friend’s birthday, in some cases Facebook now recommends that you message them Happy Birthday, rather than writing it on their wall.

Messenger In Facebook

Just last week, Facebook overhauled how Messenger handles map and location sharing to lay the groundwork for a slew of new GPS-enabled features. Before, finding where to meet up with people was the domain of Nearby Friends in the main Facebook app.

And Facebook’s secret weapon in the messaging wars is that chat isn’t where it makes its money. Rather than having to cram Messenger full of ads or convince you to buy Sticker packs, it just has to tie people closer to its big brother Facebook where lucrative mobile ads earn enough money to provide for the whole family.

messenger-location-sharing3

Getting to this point wasn’t easy. Facebook had offend the pride of its whole userbase by telling them they were required to download whole other app for Messaging. It wasn’t sweet, but the medicine went down, and Facebook saw engagement rise once chat wasn’t buried in its blue behemoth. Freed from the extra weight, Messenger was thin and agile enough to build out its bells and whistles.

With former PayPal President David Marcus in command and expert product guy Stan Chudnovsky as his first mate, in just the last six months Messenger has:

Meanwhile, the other giant with deep enough pockets to fund a true attempt at owning messaging has spent the past few years distracted by moonshots. Google was late to launch its mobile messenger, which was dragged down by Google Plus. It squandered its Hangouts product’s early lead in video chat, and missed on the chance to acquire WhatsApp, which could have turned this into a two-horse race.

facebooks-family

Instead, Facebook saw that messaging was the center of mobile, the app you use the most times per day. If it’s the reason you open your phone at first, it’s wedged a foot in the door to become the second and third thing you do too. And with China’s WeChat pioneering the chat-app-as-a-portal roadmap, Facebook can just port what works to the rest of the world.

After years of people asking what would be the Facebook killer, Facebook happily provided its own answer.

Quote: http://techcrunch.com/2015/06/09/the-new-facebook

Facebook’s WhatsApp Will Be How the World Makes Phone Calls

Further Reading: http://www.wired.com/2015/04/facebooks-whatsapp-worlds-next-phone

WhatsApp is the world’s most popular smartphone messaging app, letting more than 800 million people send and receive texts on the cheap. But it’s evolving into something more.

On Tuesday, the company, which is owned by Facebook, released a new version of the app that allows people with iPhones to not only text people, but actually talk to them. This built on a similar move the company made at the end of March, when it quietly released an Android update that did the same thing. And in the week following the addition of voice calling on Android, WhatsApp-related traffic increased about 5 percent on carrier networks, according to a study by Allot Communications—an Israeli company that helps manage wireless network traffic worldwide.

That figure will likely get a lot bigger as WhatsApp shifts from being the world’s favorite messaging app to become a more wide-ranging—and bandwidth-intensive—communication tool.

Others have offered internet voice calls on smartphones, most notably Skype and Viber. But WhatsApp is different. So many people already use the app, and the company is intent on keeping it free (or nearly free). Though it has little traction here in the US, WhatsApp is enormously popular in parts of Europe and the developing world—areas where there’s a hunger for cheap communication. The result is an app that could bring inexpensive Internet calls to an audience of unprecedented size.

Developing World

The rapidly evolving WhatsApp is but one face of the dramatic technological changes sweeping across the developing world. So many companies are working to bring affordable smartphones to the market, from China’s Xiaomi to the Silicon Valley’s Cyanogen, as many others, from China’s WeChat to Viber, push cheap communication services onto these devices.

These technologies face the usual obstacles—and WhatsApp is no exception. Though the app is expected to reach a billion users by year’s end, its push into voice calls could alienate many wireless carriers. If you have free internet calls, after all, you don’t need to pay for cellular calls. Some carriers may fight the tool as a result, says Allot associate vice president Yaniv Sulkes.

But the same could be said of messaging on WhatsApp. It too cuts into the carriers’ way of doing things. And yet, WhatsApp has thrived. It has so much traction in large part because it has cultivated partnerships with carriers, striking deals that bundle its app with lost-cost wireless services. According another Allot survey, about 37 percent of the carriers now have deals with WhatsApp or similar inexpensive Internet-based services—a sharp rise over the past few years. “More and more operators are adopting the strategy of ‘let’s partner with them’ rather than ‘let’s fight them,’” Sulkes says.

In the meantime, Facebook is pushing for somewhat similar arrangements, through its Internet.org initiative, that bundle limited Internet access with access to specific apps. Mark Zuckerberg and company have encountered some opposition to these deals. But the combined might of Facebook and WhatsApp will be hard for carriers to resist.

Video Next?

As WhatsApp spreads, Sulkes believes, it will keep pushing into new services. After rolling out voice calling, he says, it may venture into video calling. The app already lets you send files, including videos, and other messaging apps, such as SnapChat, already have ventured into video calls.

None of these tools—video calls, voice calls, file sharing—are new technologies. But not everyone has them. WhatsApp has the leverage to change that. The app has grabbed hold of the developing world in rapid fashion, and now it can serve as a platform for bringing all sorts of modern communications to the far reaches of the globe. Yes, there’s another major obstacle to overcome: so much of the developing world doesn’t have the network infrastructure to accommodate these kinds of modern services. But Facebook is set to change that, too.

Whatsapp Calls on Iphone

Further Reading: http://www.forbes.com/sites/amitchowdhry/2015/04/21/whatsapp-voice-calling-ios/ and http://www.macrumors.com/2015/04/21/whatsapp-gains-voice-calling/

WhatsApp, the popular mobile messaging service owned by Facebook, has released a major update to its iPhone app today. The update includes the highly-anticipated WhatsApp Calling feature, which rolled out to every Android user late last month. The WhatsApp Calling feature is comparable to Skype and the FaceTime Audio service on iOS. Data charges may apply while using the WhatsApp Calling feature.

“Call your friends and family using WhatsApp for free, even if they’re in another country. WhatsApp calls uses your phone’s Internet connection rather than your cellular plan’s voice minutes,” said WhatsApp in its app update description. 

Unfortunately, The WhatsApp Calling feature is rolling out slowly so you may not see it right away. The new calling feature should be available for every iOS user within the next few weeks. Prior to launching WhatsApp Calling for Android, the messaging company ran a lengthy beta test.

WhatsApp version 2.12.1 also includes an iOS 8 share extension, a quick camera button in chats, the ability to edit your contacts right from WhatsApp and an option to send multiple videos at once. You can also crop and rotate videos before sending them. The iOS 8 share extension lets you share photos, videos and links to WhatsApp from other apps. And the quick camera button lets you seamlessly capture photos and videos or choose a recent camera roll photo or video.

WhatsApp Update For iOS / Credit: WhatsApp

How does WhatsApp Calling for iOS work? If someone calls you through WhatsApp, you will see a push notification from the messaging service showing who the call is from. Once you answer the call, you will notice that there are options to mute the call or put it on speakerphone. You can also send a message to the person calling you. If the WhatsApp Calling feature for iOS is similar to the Android app, then you will see a Calls tab that has a list of your incoming, outgoing and missed WhatsApp calls. Personally, I do not have access to WhatsApp Calling for iOS app yet.

Launched in 2009, WhatsApp started out as a simple group text messaging app. Four years later, WhatsApp added a voice messaging service. And then Facebook acquired WhatsApp for $19 billion in February 2014. Several months ago, WhatsApp launched a desktop client called WhatsApp Web — which you can activate with an Android, BlackBerry, Windows Phone or Nokia S60 device.

Earlier this month, WhatsApp hit 800 million monthly active users. WhatsApp has been adding about 100 million monthly active users every four months since August. In January, WhatsApp hit 700 million monthly active users. WhatsApp now has more users than every other messaging app, including Facebook Messenger. It took Facebook about 8 years to hit 1 billion users. Facebook now has about 1.4 billion monthly users and Facebook Messenger has roughly 600 million users.“

„After promising to deliver voice calling capabilities back in 2014, WhatsApp has finally delivered, introducing voice over IP features in its latest update. With the new version of the app, it’s possible for WhatsApp users to call friends and family directly within the app using a Wi-Fi or cellular connection at no cost.

The introduction of voice calling to the Facebook-ownedWhatsApp app puts it on par with Facebook’s other messaging app, Facebook Messenger, which gained voice calling back in 2013. It also allows the app to better compete with other iOS-based VoIP calling options like Skype and FaceTime Audio.

Today’s WhatsApp update also brings a few other features, including the iOS 8 share extension for sharing videos, photos, and links to WhatsApp from other apps, contact editing tools, and the ability to send multiple videos at one time.

What’s new
-WhatsApp Calling: Call your friends and family using WhatsApp for free, even if they’re in another country. WhatsApp calls use your phone’s Internet connection rather than your cellular plan’s voice minutes. Data charges may apply. Note: WhatsApp Calling is rolling out slowly over the next several weeks.

-iOS 8 share extension: Share photos, videos, and links right to WhatsApp from other apps.

-Quick camera button in chats: Now you can capture photos and videos, or quickly choose a recent camera roll photo or video.

-Edit your contacts right from WhatsApp.

-Send multiple videos at once and crop and rotate videos before sending them.

WhatsApp can be downloaded from the App Store for free. The new WhatsApp calling feature will be rolling out to users over the next few weeks.“

Facebooks WhatsApp reaches the next level with its Voice Calling Functionality

Read the Full Story here: http://www.forbes.com/sites/parmyolson/2015/04/07/facebooks-whatsapp-voice-calling/

Whatsapp-Future

„WhatsApp’s head office is among the most impressive you can find in start-up infested Mountain View, California, with glass walls cascading down from a rooftop patio that apparently glows at night.

You’d never guess that one of the most disruptive forces in the history of the telecommunications industry was housed inside.

Like the older, smaller digs it once frequented down the road on Bryant Street, there is no hint of corporate signage out in front. Just an abstract sculpture called “Caring” by California artist Archie Held, and a small Zen garden tucked in a corner of the lobby.

All very calming, but not for mobile carriers. This time last year, WhatsApp’s then-470 million users had already erased an estimated $33 billion in SMS revenue from wireless operators. That number is growing. Between 2012 and 2018 the entire telecommunications industry will have lost a combined $386 billion between 2012 and 2018 because of OTT services like WhatsApp and Skype, according to Ovum Research.

Today WhatsApp has more than 700 million people using it at least once a month, sending more than 10 billion messages a day. At its current rate of growth it should pass the 1 billion user mark before the end of 2015. The company doesn’t push through many updates. While other messaging apps like WeChat, Kik and Facebook Messenger host content and e-commerce services to become all-encompassing platforms, WhatsApp has limited its new features to communications.

Now the stakes for the world’s biggest messaging company are about to get much higher as it pushes through one of the most fundamental methods of communication out there: voice calling.

In February WhatsApp began rolling out the feature to select users across the world who could receive calls through the app. Receiving a call allowed them to make calls too. Then last week it offered an application file on its website which, if downloaded, allowed anyone with an Android phone to call other WhatsApp users.

The feature is expected to launch on Windows Phones and iOS phones soon, and already, around 20 million people including 2 million in Germany have been able to test it, says Pamela Clark-Dickson, a telecom analyst at Ovum Research, citing a source close to Facebook.

WhatsApp’s staff of approximately 80 people were spread thinly across three stories in their impressive 20,000 square foot building when I last visited in late 2014. The edgy graffiti that once adorned WhatsApp’s walls had taken on a more sophisticated, Banksy-like flavor inside: marking the third floor’s entrance was a huge mural of a woman riding a bicycle in Hong Kong, a reminder of WhatsApp’s international popularity.

WhatsApp had been living a hermetic, four-year existence in the Silicon Valley bell jar before Facebook swooped in and bought the company for $22 billion in February 2014. It continued that air of secrecy in the months afterwards, except now it was subject to a steady stream of visitors and it needed a pair of security guards to mind the entrance to its headquarters.

WhatsApp’s resources with Facebook were only just starting to converge in the wake of their landmark deal, with Facebook now helping with legal matters and public affairs. “We were very cheap when we were WhatsApp,” said Neeraj Arora, WhatsApp’s long-time business development head when asked about how money was being spent. “We’re more disciplined now because we are part of a public company.”

Yet Facebook’s largesse makes it easier to pull off big expansion plans. At the top floor, Arora pulled back one of the blinds and pointed to the roof of another building about a block away that was still under construction.

Milling about on top in ant-like proportions were half a dozen construction workers wearing bright yellow vests. This was WhatsApp’s next headquarters, scheduled to be ready for them to move in in 2015: an 80,000-square-foot colossus that would include a gym and a floor big enough for all departments to be together once again.

WhatsApp had actually leased the building before the Facebook deal, a confident move by the founders who fully believed that in three-to-five years they would have a workforce of around 500.

Today with big plans to become a comprehensive communications service and all-round-new-breed of phone company, that looks more likely than ever.

Though many of us already make free calls on Skype, Viber or Apple’s FaceTime, WhatsApp’s calling service stands to be the most popular of them all simply because it has the highest single number of active users.

“It has the potential to affect mobile voice revenues [for carriers] more so than LINE or Viber or even Skype, which is not that big on mobile,” says Clark-Dickson.

That’s troubling news for carriers like AT&T or Vodafone for two reasons. WhatsApp’s rise coincides with the gradual erosion of a carrier’s relationship with consumers, relegating them to the grey world of infrastructure inhabited by Cisco and Ericsson, packet-based networks whose primary role is to transport data.

It will also cost them revenue. Voice minutes are already falling across the industry, according to Ovum, which says mobile network revenues will contract for the first time in 2018 as over-the-top services like WhatsApp push us towards using data rather than voice minutes.

While mobile data revenues will grow by a compound annual rate of 8% to reach $586.4 billion globally in 2019, voice will decline by 3% over the same period, to $472.7 billion. North America and Western Europe will be hardest-hit with respect to mobile voice revenues, with these regions representing nearly 80% of the global voice revenue decline.

This points to the frustrating paradox for carriers: enormous growth but tighter margins. Consumers have developed an insatiable demand for data, Facebooking, YouTubing and Netflixing on their mobile phones at all hours of the day. Cisco predicts mobile data traffic will increase 11-fold from 2013 to 2018. But the average revenue per user (ARPU) for carriers is falling, because the cost of data is getting cheaper. Imagine McDonald’s customers buying 10 times more food, but only ordering french fries.

Data used to contribute a disproportionately high level of revenue in relation to traffic when it was mainly related to SMS. Back in 2005 for instance, someone sending 3,000 text messages was sending less than 0.1MB data per month. Now that load has increased into the gigabytes. ARPU for carriers has remained steady since 2010, but what’s changed is that data now makes up more than half of their total revenue, and overshadowed voice for the first time earlier this year.

Data is essentially devouring voice. T-Mobile and Verizon are already dealing with this by launching Voice over LTE which transforms a voice call into a data call, and doubling the amount of data available to customers for the same price.

With voice and SMS margins dwindling, carriers may eventually be forced to stick to flat-rate data plans which are being pioneered by younger operators like 3 and Tele2, and taking full advantage of their expensive new 4G networks. WhatsApp’s voice feature might not necessarily be a disaster for carriers if it boosts their data revenues further. But Clark-Dickson warns that “even if data traffic revenue increased, it would not go back to the old revenue days.”

What’s infuriating for carriers is how WhatsApp and its ilk can run a potentially profitable service on top of their expensive infrastructure. Just last year, carriers bid more than $40 billion on new wireless spectrum at a government auction for a high-band spectrum that could carry more data than usual. Good timing for WhatsApp’s voice plans, since the new spectrum will lead to smoother connections and less hiccups in the service, though it could take around two years for the faster data speeds to kick in.

For their part, Koum and his team have long insisted that WhatsApp is no enemy to carriers. Instead they’ve partnered with more than 100 of them around the world, asking carriers to not count the use of WhatsApp against their data allowance. In other words, when a customer’s data allowance runs out, they can still use WhatsApp. It’s unclear how those partnerships will develop when voice kicks in. T-Mobile has formed a similar partnership with Facebook and with music streaming, and the model is helping around half the world’s carriers improve their revenue prospects, according to one recent survey.

Still, some carriers have taken their time before getting on board with WhatsApp. It took a while, for instance, before leading Latin American carrier America Movil agreed to partner with the company.

WhatsApp has rolled out its voice feature in a characteristically slow and methodical way, introducing it to tranches of users at a time. Its founders Jan Koum and Brian Acton were more interested in making sure the service worked reliably than getting it out to their user base quickly.

Voice is trickier than messaging to do well. Real-time communications services have to contend with drop-outs and lags, as anyone who’s ever made a Skype call will know. That’s a big reason why WhatsApp is behind schedule on voice, according to people at the company. Co-founder Koum originally said the feature would be available in the second half of 2014, but it’s only just becoming available now.

For mobile operators, the extra time to prepare for what could be a major disruption to one of their most precious revenue sources is a small silver lining, says Clark-Dixon. “Mobile operators had 12 months to prepare and plan for this, so they know what’s coming,” she says. Still, she adds, “I don’t think operators have moved quickly enough.”

Carriers have increasingly bundled data, voice and SMS into a single rate, while operators like Vodafone and Sprint have signed up to the Rich Communication Services (RCS) standard, their own version of a web-based service to compete with apps like Viber and WhatsApp.

RCS, marketed under the name joyn, has been around for eight years. Yet until a year ago carriers offered these web-based services through their own third-party apps, says Clark-Dixon. Only recently have they started integrating them into an Android phone’s native dialler and texting applications. The number of people who have phones with the service are likely in the single-digit millions, she estimates, which means it could be too little too late to counteract the expected popularity of WhatsApp voice calling.

WhatsApp is still a ways off from being what you could call a phone company, with all the infrastructure and back-end billing and customer care services that entails. But it’s also graduating from the status of simple OTT player to a new kind of communications service provider. In the meantime, it should heed the mistakes of carriers who moved too slowly in the face of disruptive upstarts.

“We’ve been waiting a year for [WhatsApp voice calling] and it’s still only available on Android. It’s rolling out across market slowly,” Clark-Dickson warns, pointing to competitors like Viber, LINE and WeChat who have already have voice calling enabled for some time. “It needs to move more quickly in communications and with VoIP.”

WhatsApp Call: Details zum kostenlosen VoIP-Telefonie-Dienst

WhatsApp Call ist offiziell gestartet.

Teltarif.de zeigt Ihnen den kostenlosen VoIP-Dienst des Smartphone-Messengers in Bildern:
welche neuen Funktionen und Menüs die Android-Anwendung von WhatsApp ab sofort mit sich bringt

WhatsApp Call: So sieht die Nutzung in der Praxis aus

Nachdem ein WhatsApp Call angenommen wurde, lässt sich das Gespräch wie bei einem herkömmlichen Telefonat über das Mobilfunknetz führen. Die Übertragungsqualität ist abhängig vom verwendeten Smartphone und natürlich auch vom Internet-Zugang, der während der Verbindung am Smartphone zur Verfügung steht.

Während des Anrufs werden Name und Profilbild des Gesprächspartners angezeigt. Mit der virtuellen roten Taste lässt sich das Telefonat beenden. Dazu können die Freisprech-Funktion ein- und ausgeschaltet werden, das eigene Mikrofon lässt sich deaktivieren und wieder abschalten und es besteht auch die Möglichkeit, vorübergehend ins Chat-Fenster zu wechseln, um eine Textnachricht zu übermitteln. Diese bekommt der Gesprächspartner aber nicht sofort angezeigt, sondern erst dann, wenn er ebenfalls den Chat aufruft.

Auf der fünften Seite sehen Sie, was passiert, wenn Sie einen WhatsApp-Kunden anrufen möchten, der bereits einen WhatsApp Call führt.

WhatsApp Call während einer Sprachverbindung