Facebook Messenger adding E2E encryptions

You are currently reading a thread in /g/ - Technology

Thread replies: 23
Thread images: 1
https://whispersystems.org/blog/facebook-messenger/

Is it alright to use this now?
>>
of course not
fuck off
>>
>>55475508
end to end would imply they can't look at your messages. They can.
>>
>>55475519
How if you are using the secret conversations?
>>
>>55475508
>trusting a corporation that is based on data mining and selling your information
Yeah, I'm totally sure this is safe.
>>
For someone who claims to care a lot about privacy the signal dev sure loves to shill for botnet corporations.

>Is it alright to use this now?
It should be as long as you're not important. Whatsapp silently disables encryption for suspect users to help law enforcement.
>>
>>55475541
You're trusting Facebook on their word. There is literally no proof they don't have a "master key" or a copy of your private key.
>>
>>55475508
Fuck that shit. Made my Lenovo s580 laggy as fuck. Now I use Disa and got rid of whatsapp messenger at the same time.
>>
Encryption is opt-in per conversation. A great way to signal "HEY THIS IS A MESSAGE YOU SHOULD LOOK AT" to whatever 3 letter agency that will of course be able to decrypt your message given that no one knows what the Facebook app is doing behind-the-scenes anyway. For example, there's no way to know if Facebook sends a copy of your message through regular non-encrypted means.

Stick to Free software.
>>
Why is secret chat only available for one on one conversations? Same thing with telegram.
>>
>>55475552
>Whatsapp silently disables encryption for suspect users to help law enforcement.
got a link on that?
>>
>>55475552
>Whatsapp silently disables encryption for suspect users to help law enforcement.
That's the most tinfoil thing I've ever heard.
Facebook can and probably does just decrypt the messages since they have full control.
>>
>>55475788
I fail to understand why facebook would bother making a messenger while they own whatsapp already.
>>
>>55475552
They have been blocked twice here in Brazil and fined at around 6 million US Dollars for specifically not helping law enforcement
>>
>>55475909
Nobody gives a shit about Brazilian law enforcement.
>>
>>55475909
Why would that be a bad thing? Facebook is not a Brazilian corporation. If anything, they are a vector for subversion.
>>
>>55475508
Never rely on the word of closed source software.
>>
>>55476008
As if you could check what code the server is using. It is not even wise to leave it in the open either.
>>
I'm very glad to see this. I asked them to do it when I met them, and they didn't tell me.

>>55475508
It's using legit Signal protocol, but it's not on by default like it is on WhatsApp.

I'm told they want to make sure they get it right - including multiple-device support - before rolling out the E2E encryption to everyone.

I'm not sure what the big deal is there, WhatsApp does multi-device fine with the same underlying protocol: you just encrypt to every device.

It will disable server-side message search and a few other things like that, and that is ruffling feathers there. That argument is still going on internally I think.

>>55475767
Although unlike Telegram, the actual encryption doesn't suck.

>>55475850
WA is run as a separate entity to FB. As in, it's actually firewalled out, separate.

I don't really know why. Something to do with the buyout terms maybe?

>>55475552
Are you sure? I don't think it does. If you have a sample or test case, please post.

I've reverse-engineered the WhatsApp client since they implemented the full Signal and Noise protocols, and I haven't seen anything like that. It passed my audit. The only reason I don't rate it higher than Signal is that it's closed-source.

They could set your number to 'legacy' mode on the server, as if you had an older version of the client, and MITM. But if they did that, anyone who's got the newer version and has seen you log in before they did that, would get a warning in a chat with you that your key has changed, or that you have downgraded - i.e. there is protection against this. They seem legit: although, with a caveat that of course I cannot check the server side, but Axolotl does limit what the server can usefully do to attack - other than metadata, of course, but that's a Hard Problem.
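The client-side protection described in the post above (a warning when a contact's key changes or when a contact previously seen with E2E suddenly appears as a legacy client) can be modelled as a trust-on-first-use pin store. This is an added example, not code from the post or from WhatsApp; the class name, status strings and sample keys are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass
from typing import Optional


@dataclass
class Seen:
    fingerprint: str  # SHA-256 of the contact's identity public key ("" if never E2E)
    e2e: bool         # True once the contact has been seen on an E2E-capable client


class PinStore:
    """Hypothetical trust-on-first-use record kept on the local device."""

    def __init__(self):
        self.seen = {}

    def observe(self, contact: str, identity_key: Optional[bytes]) -> str:
        """identity_key is None when the server says the contact is a legacy client."""
        prev = self.seen.get(contact)
        if identity_key is None:
            if prev is not None and prev.e2e:
                # Contact was E2E before: a server-forced "legacy" flag shows up here.
                return "WARN_DOWNGRADE"
            self.seen.setdefault(contact, Seen("", False))
            return "PLAINTEXT"
        fp = hashlib.sha256(identity_key).hexdigest()
        if prev is None or not prev.e2e:
            self.seen[contact] = Seen(fp, True)  # first E2E sighting: pin it
            return "PINNED"
        if prev.fingerprint != fp:
            # Pin is NOT updated, so the warning repeats until accept() is called.
            return "WARN_KEY_CHANGED"
        return "OK"

    def accept(self, contact: str, identity_key: bytes) -> None:
        """Call only after the user has verified the new key out of band."""
        self.seen[contact] = Seen(hashlib.sha256(identity_key).hexdigest(), True)


if __name__ == "__main__":
    store = PinStore()
    # Constructed sample keys, not real key material.
    for key in (b"alice-key-1", b"alice-key-1", None, b"alice-key-2"):
        print(store.observe("alice", key))
```

The check only helps contacts who saw the original key before the change, which is the limit the post itself states.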
>>
check it
>>
>>55477788
check'd

do you even need to ask OP? suckerberg would kill his family for money and power, of course he'll hand out the logs
>>
>>55477788
Sorry hun, the board skipped your lucky quints.

Back on topic:

>>55475519
If you're using the end-to-end encryption, they cannot. I do lament that it's opt-in, but I must admit I never expected them to add it to FB Messenger at all, despite my encouragement.

>>55475568
If you're asserting they could backdoor the client, you're right to some extent, especially with JS implementations, even serving different implementations to different people.

Of course, if they did, someone like me would look out specifically for that, and call them out on it quite loudly. A few "canary" accounts and some automated comparison telemetry via hashes would reveal that pretty quickly, and it would be quite a scoop. Even if it's not open-source.

They appear, on first blush, to use a reference Signal implementation with no particular bullshit. It's more than I expected. They really need to take that one step further and go opt-out.

I know this: they are furious about the NSA and GCHQ. Absolutely, apoplectically livid. Not because they care about your privacy as such - although certainly the engineers in security are very well aware how much of the world's population uses their stuff, how much of a target for attack it therefore is, and accordingly treat the platform with some due respect. The impression I got was, the upper management cares most of all because that's THEIR data, dammit, they don't want to have it stolen from them or give it away to some tinpot bureaucrat.

So, not exactly spirited cypherpunks - they're commercial and business-focused, and pragmatic not ideological. But they do mostly feel the same way as us on this particular issue, even if we have polar opposite disagreements on others (such as the whole Real Name bullshit).
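The "canary accounts plus hash comparison" idea in the post above, sketched as an added example (not the poster's tooling): each canary account reports the SHA-256 of every client asset it was served, and any account whose hash differs from the majority for the same declared version is flagged. Account names, asset names and the sample builds are constructed for illustration.

```python
import hashlib
from collections import Counter, defaultdict


def digest(blob: bytes) -> str:
    return hashlib.sha256(blob).hexdigest()


def find_divergent(reports):
    """reports: iterable of (account, version, asset, sha256_hex).

    Returns sorted (version, asset, account, hash) tuples for every account
    whose hash differs from the majority hash of that (version, asset).
    Different declared versions are never compared, so a staged rollout
    is not reported as tampering.
    """
    by_asset = defaultdict(dict)
    for account, version, asset, h in reports:
        by_asset[(version, asset)][account] = h

    findings = []
    for (version, asset), per_account in sorted(by_asset.items()):
        counts = Counter(per_account.values())
        if len(counts) == 1:
            continue  # every canary received identical bytes
        top = counts.most_common(2)
        # With no clear majority there is no baseline: flag every account.
        baseline = None if top[0][1] == top[1][1] else top[0][0]
        for account, h in sorted(per_account.items()):
            if h != baseline:
                findings.append((version, asset, account, h))
    return findings


# Constructed sample builds standing in for downloaded client code.
BUILD_A = b"function encrypt(m, k) { /* constructed build A */ }"
BUILD_B = b"function encrypt(m, k) { /* constructed build B */ }"
BUILD_NEXT = b"function encrypt(m, k) { /* constructed build, next version */ }"


def sample_reports():
    return [
        ("canary-1", "1.0", "crypto.js", digest(BUILD_A)),
        ("canary-2", "1.0", "crypto.js", digest(BUILD_A)),
        ("canary-3", "1.0", "crypto.js", digest(BUILD_B)),  # served different code
        ("canary-4", "1.0", "crypto.js", digest(BUILD_A)),
        ("canary-5", "1.1", "crypto.js", digest(BUILD_NEXT)),  # newer version, alone
    ]


if __name__ == "__main__":
    for finding in find_divergent(sample_reports()):
        print("divergent build:", finding)
```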
>>
>>55475508
>this release does not enable end to end encryption for all conversations by default
no