US, WASHINGTON (ORDO NEWS) — The author severely criticizes the Facebook messenger for its shortcomings, comparing it with Signal, WhatsApp and Telegram. It has a huge number of users – over a billion people, and the problems of security, reliability and confidentiality are still not resolved, the author believes.
If you’re one of the 1.3 billion people who use Facebook Messenger, you’ve already been warned of significant delays in security improvements. The company management calls these improvements “extremely important” but acknowledges the fact that there are serious omissions and shortcomings. Now the situation has become much more serious, and this is due to two important events.
“We need to find a balance between security, privacy and security,” says Facebook of its popular messenger, second only to WhatsApp in popularity. The problem is that this app has found itself at the epicenter of a confrontation between law enforcement and big IT companies over privacy issues. And because of this, more than a billion users were left in limbo in terms of security.
Unlike WhatsApp, your content on Facebook Messenger is not completely secure. The company admits to itself that it spies on your content. And recently we caught her in the fact that she “secretly” downloads private links and files that users exchange.
Facebook says it wants to fix the situation – though Facebook says a lot. The company promises to expand the end-to-end encryption that protects WhatsApp and protects its app and Instagram messages. Such a promise was made two years ago, and since then we have seen one delay after another. Messenger and Instagram have integrated a little, but have not done anything to enhance the protection and privacy of users.
If you use Facebook Messenger, this transition to end-to-end encryption is critical. As I’ve said many times before, don’t just take my word for it. Facebook is saying the same, essentially admitting that such protection prevents the company from snooping on your messages. Again, remember, the company admitted this itself.
Reports that Facebook will provide encryption for more than a billion Facebook Messenger users and a billion-plus Instagram users have sparked a sort of panic among militant lawmakers and intelligence agencies.
The last to have his say was the relatively new head of British MI5, Ken McCallum. He said that by extending end-to-end encryption by default, Facebook is essentially giving leeway to “the worst people in our society,” including terrorists and child molesters who “understand that no one will see what they are engaged. ”
When WhatsApp pressed the big red button in 2016, ensuring end-to-end encryption of all messages from all users, there was no such attention to encoding as it is now. Encryption remained out of the spotlight. And suddenly hundreds of millions (now two billion) of users were able to use the secure platform, leaving lawmakers “in the dark.” If your content is not visible to WhatsApp, then law enforcement agencies will not see it – even if they receive a warrant.
We have known for several weeks that Facebook has postponed the installation of the encoding on its messenger until next year, and this is “the earliest date.” The company attributes this to technical difficulties given the widespread use of the application; but it can be assumed that everything is much more complicated. For comparison, let’s see how quickly the company will develop compensating technologies to cope with Apple’s new privacy feature called App Tracking Transparency.
If the MI5 boss’s warning was the first piece of news addressed to the management of the Menlo Park company, then the second piece was Facebook’s highly remarkable forced retreat, triggered by a scandalous change in WhatsApp’s terms and conditions.
WhatsApp has used end-to-end encryption by default as its main (one might say the only) defense against accusations that Facebook is infringing on the privacy of its users. The WhatsApp boss even wrote an article outlining all the reasons why such protection is “extremely important.” True, he did it when he was threatened by lawmakers and regulators.
The paradox of WhatsApp insisting on end-to-end encryption and Messenger users dispensing with is astounding in itself. But the WhatsApp executive’s article provides many examples of medical, financial, and so on where users don’t want their content to be intercepted by a mysterious big brother. The author says that the big brother is the power of states, domestic and foreign, but the most likely enemy is Facebook itself.
“Giving up your privacy will paralyze us,” warns Will Cathcart. “The power of technology is such that it enables connections at tremendous speed and on a huge scale, and makes information more democratic than any invention. But if we choose to weaken our privacy and security, the exact opposite will happen. Instead of exchanging ideas, we will lose those ideas. Instead of unification, we will face disunity. Instead of giving everyone in the world a voice, we will be gagged.”
It became clear that Facebook would face government blocking. Germany opposed this decision, and it was challenged in other countries. India’s digital security law, which greatly weakening WhatsApp’s security, is in jeopardy, but it is sending a clear message to Facebook that the red lines must not be crossed.
The main paradox is that WhatsApp has come under massive international pressure over user privacy and has been forced to change its plans. However, the pressure on WhatsApp continues to intensify, demanding the company to sacrifice user privacy by providing law enforcement officers with bypass tools so that they can see users’ content. “We cannot take end-to-end encryption for granted,” Cathcart said, referring to Europe, India and Brazil. “There is serious pressure to try to take it away from us.”
If WhatsApp is forced to abandon its encryption, it will have a huge impact on secure communications around the world. Many security officials admit that this will help their investigators, but hundreds of millions of people around the world who use WhatsApp (as well as secret messages Signal, iMessage and Telegram) to protect themselves from their authorities will be at risk.
But hindering encryption from expanding is another matter entirely, especially when you consider the huge difference between WhatsApp and Messenger. The second application is multi-platform, it does not need a phone number or even the phone itself, which makes it easier to use it anonymously and for minors.
So there is a reasonable case for not providing Facebook Messenger with end-to-end encryption by default like WhatsApp does. It is used by many more minors, and it is very easy to switch from the main Facebook platform to the messenger, and therefore there is a danger that it can be used by those who want to influence the most vulnerable. In WhatsApp, everything is different – there you can’t hunt users and make contact with them at will.
Facebook doesn’t need to know much about WhatsApp users because there is no link to a profile. Integration with social networks Instagram and Facebook violates this model and creates privacy risks. The same can happen in the case of connecting commercial and financial functions.
We need to recognize the difference between social networks and messengers. The former need personal information for partial public exchange, while the latter do the opposite. The debate has drawn attention to this difference. Nobody says that terrorist attacks and other serious crimes are being planned in full view on Facebook Messenger. But it is part of the world’s largest social media platform, which poses other risks.
Remember, we are talking here not only about contemplated crimes – after all, there are still dangerous groups with special interests, there is propaganda, radicalization, confidence building, recruitment. WhatsApp began as a point-to-point messenger, a step up from SMS. Groups have complicated this situation, and Facebook seems to be determined to turn this messaging system into something like a social network. But WhatsApp is still used primarily as a face-to-face communication system.
Therefore, embedding in this content will simply lead to the fact that there will be other options for receiving and transmitting messages. In Facebook Messenger, we tag threads, activities, interesting people, and then follow those threads to find out where they lead. From the point of view of law enforcement agencies, if you disconnect the connection between all these people, no one will raise the alarm, and researchers will not be able to penetrate into various “spaces” in an attempt to understand what is happening there.
The arguments about terrorism, serious and organized crime are more difficult to put forward. Of course, this is not the same as propaganda, recruitment and radicalization. But the branches lead to new places.
So let’s figure it out. Facebook cannot afford to declassify WhatsApp encryption for one very important reason – it is the main tool to protect against negative reactions to data exchange, which this year seriously damaged this platform.
WhatsApp constantly says: don’t worry, we don’t see your content, nor does Facebook. If end-to-end encryption is removed, these arguments collapse. Unsurprisingly, WhatsApp has sued the Indian government to prevent it from introducing a “source of information” rule. There are only a couple of steps from here to breaking the encoding.
But if / when Facebook prepares encryption for its messenger, it will be safe to expect a strong backlash from many countries around the world that will want to prevent the introduction of such encryption. Some form of compromise is sure to be needed here. Maybe you need to postpone encryption on Facebook Messenger again or change the model. But if you change the model, there is a risk of weakening protection, including in WhatsApp. Eventually they will fall into the same category.
“Our plans to encrypt Facebook Messenger and Instagram Direct Messaging will follow the WhatsApp model,” the company says. – WhatsApp uses a combination of other signals, including user messages, unencrypted account-level information, account metadata and, crucially in this context, certain traffic data items. This is done to ensure the protection of users and to ensure that no harm is done with the help of our services. ”
This argument is similar to an excerpt from the user privacy guidelines that allow Facebook to extract metadata in order to identify and signal dangerous behavior. But metadata gives little, and it will obviously not be enough for legislators and special services.
So, follow WhatsApp’s advice and insist on end-to-end encryption by default, but don’t expect Facebook Messenger to be such an improvement. Instead, move on to something else, especially with regard to your personal correspondence. Assume that everything sent via Facebook Messenger is not protected from surveillance and analysis.
There is no need to delete this messenger, all the more difficult if you want to remain a Facebook user. But you definitely need to transfer your private chats and all the secrets to WhatsApp – or even better to Signal.
Contact us: [email protected]