Whatsapp Is Now End-to-End Encrypted

Whatsapp is now offering end-to-end message encryption:

Whatsapp will integrate the open-source software Textsecure, created by privacy-focused non-profit Open Whisper Systems, which scrambles messages with a cryptographic key that only the user can access and never leaves his or her device.

I don't know the details, but the article talks about perfect forward secrecy. Moxie Marlinspike is involved, which gives me some confidence that it's a robust implementation.

EDITED TO ADD (11/20): Slashdot thread.

Posted on November 18, 2014 at 12:35 PM • 51 Comments

Comments

Mace Moneta • November 18, 2014 12:56 PM

When they say 'end-to-end' it's not clear from their description whether Whatsapp's server is one of the ends, or whether it's encrypted end-user-to-end-user. I suspect the former, because otherwise they would lose access to the data which they sell. If that is in fact the case, this is worthless.

Donald Duck • November 18, 2014 1:01 PM

@ Mickey Mouse

Facebook doesn't need to monetize every piece of data, but it's important that users keep using their services. Remember this only encrypts content of communication. Whatsapp still has address books and chat metadata.

Tom • November 18, 2014 1:38 PM

What? No!
Nothing to stop the NSA demanding they use a private key of the NSA's choosing, for instance.
StartSSL has free SSL certificates covered anyway.

anonymous • November 18, 2014 2:02 PM

As a Facebook stockholder I am not amused. I want Mark Z. to squeeze as much money as possible out of the morons that use his services.

carrots • November 18, 2014 3:08 PM

I'm guessing this is temporary since Facebook has to get some value for their purchase. Buying off a competitor for 22 billion would be just a waste of money. The server most probably acts as a trusted man in the middle. Did anyone find out how the keys are generated? IIRC CALEA states that if the company is in control of the keys, they will have to provide them.

anon • November 18, 2014 4:56 PM

Whatsapp info isn't sold by Facebook to advertisers. They have their own business model where they earn 99¢ per year per customer after the first year, which is a freebie. They refused to monetize user data and made their independence a condition of selling to FB.

They've always had horrible security though. Maybe the owner was smart enough to avoid pissing off the wrong people until after he got a big payday.

Bruce Mangee • November 18, 2014 4:57 PM

Ok, assume the content is safe. Whatsapp can still use the metadata to make money. So nothing is lost for FB. XD

Nate • November 18, 2014 5:09 PM

Count me as extremely surprised if it turns out that Facebook don't hold the encryption keys. A lot of players in the social media space are shouting 'encryption' as if it means something, when what they are actually saying is '... encryption between your device and our server, where we get to store all the data, because you can trust us'.

When they're precisely the ones we _can't_.

It's nice to encrypt 'data in flight'. But it's meaningless when it gets decrypted anyway and then goes into a huge Big Data black box. With any amount of secret backchannels either to the NSA, to ad partners, or to the CEO's personal office.

Fourth Protocol • November 18, 2014 6:11 PM

As ever, if an app needs access to my contacts it doesn't get installed. I realize that this is useful to many, but to some it's a deal breaker. WhatsApp doesn't give the user that choice.

Lightn • November 18, 2014 6:26 PM

Jeez people, I know you dislike Facebook, but do a *little* research before accusing them of bad security.

It is end-to-end encryption. Go read the Open Whisper System blog. Moxie Marlinspike knows what he's doing and has designed a very good asynchronous private messaging protocol.

Nate • November 18, 2014 7:53 PM

@Lightn: Yes, the article is indeed claiming device-to-device encryption and that Whatsapp staff 'can't even read it themselves'.

That's great if it's true. It's also, unfortunately, almost literally unbelievable given Facebook's current business model and corporate culture. It's going to be very interesting times for Whatsapp as a division when they receive the first lawful intercept request and say 'no' to the FBI. And when they receive the first data mining request from Mark Zuckerberg and also say 'no' to him.

Would they stand firm and do a Lavabit? There's going to be a heck of an internal corporate culture war between the Facebook parent company and Whatsapp if so.

It seems like there would be immense pressure on them from both the CEO and the US Government to provide something less than a cheap military-strength communication service that can be used by, eg, ISIS and drug dealers and that provides zero useful data that can be sold to marketing partners. Pay $19 billion, get potential Federal national-security charges, and no monetizable data in return. Is that really a good deal for a company like Facebook?

If this works out it may well help rehabilitate Facebook's reputation. But the odds seem pretty stacked against it. I would be extremely surprised if there wasn't some kind of quiet little workaround so that it's 'totally private... unless we REALLY NEED to look'.

p • November 19, 2014 5:28 AM

I don't see how this is something like a big step. Unless for marketing, of course.

Which doesn't mean I think Facebook/WhatsApp somehow "have the keys" or something. It at least could be that this is really as safe as could normally be expected from Moxie Marlinspike and friends, i.e. that Axolotl Ratchet protocol used for TextSecure with its perfect forward secrecy and everything, without stuff added as a backdoor. (Can't be sure, of course, but let's just assume that's true.)

Sure, the services would like to scan every message for "bomb", but normally, there's not really much useful stuff to be found there.

Metadata is much more important. Found someone you think should be targeted, like someone overly interested in internet security or Islam? Just ask WhatsApp for all his contacts and get all their phone numbers (be they WhatsApp users themselves or not). And if you really think he's important enough to watch his text messages, well, just install a key logger on his phone.

It's the metadata they want, and knowing the contacts of people. Message contents are nice, but not that important for mass surveillance. They become important when a person is specifically targeted, of course, but there are other ways of getting to that information. It might be a nuisance to have to use them, and it might make everything more complicated and time-consuming for the services. But it won't stop them.

So WhatsApp/Facebook are still collecting the stuff that is actually important for mass surveillance. But now they get to boast about how secure WhatsApp has suddenly become. Why still use any of the other crypto-messengers that actually try to hinder mass surveillance, like TextSecure itself?

Bob S. • November 19, 2014 5:50 AM

Textsecure sounds legit. Facebook is a known, remorseless data intruder. There is zero chance data will be secured by them.

This sounds like the deal where MS bought Skype and immediately gave BB complete access.

What's needed is an independent secure app minus any/all connection to the corporate-military regime. The way they play all of us for suckers is getting really old.

Thoth • November 19, 2014 6:52 AM

No proof, no talk. Simple. They need to publish their stuff first and get reviews. Publish the server codes as well.

Bittorrent Sync got busted recently for data leaks found by researchers (this week's squid blog). Yet another so-called security software smelling more like snake oil or a rats' den. Lost trust in this security stuff these days because it's really just packaging, hype and no security eventually.

A • November 19, 2014 7:11 AM

Hm, with Bob S on this one, this is a no news release and it doesn't seem to change anything but reveal there is an easy workaround.

Haven't been following this blog much but are there blockchain topics discussed here?

Grauhut • November 19, 2014 1:35 PM

@Fourth protocol: Android? -> Xprivacy! ;)

github.com/M66B/XPrivacy

The only good matrix is the one that you have setup as the architect.

anon • November 19, 2014 9:29 PM

I don't see the conflict.

For those people who are willing to pay for a service that respects their privacy - They provide Whatsapp.

For those people who would rather be surveilled by advertisers than pay 99¢/yr - They provide FB Messenger

Different strokes for different folks.

As for the talk of terrorists using this ... I think terrorists would prefer a tool that gave them some anonymity instead of one that uses their phone number as their ID and auto-syncs with their phone's contact list.

Nick P • November 19, 2014 10:52 PM

We know how Facebook is. We also know how they bought WhatsApp for a large sum of money with more to come if WhatsApp sticks with them. His story about living in a surveillance state sounds great but he made a fortune building a service that makes that easy. Moxie's work is pretty good but how does Moxie know that's what's in the app? We're getting back to the subversion problem that was illustrated long ago.

The problem is easier to understand if you rephrase the situation. The alternative phrasing might say that WhatsApp deployed an alternative to text messaging with a centralized service that makes eavesdropping easy for NSA-style attackers. Then, Facebook (a surveillance oriented company) bought them in a multi-billion dollar acquisition. Then, many months after that, they announce they were deploying TextSecure with Moxie's help to improve privacy. They convinced him of this at least. Knowing this for sure needs their source code, his, the blend, and confirmation of the translation to object code. (Along with the translation toolset.)

Then, they continue to run it on the platforms the surveillance state has 0-days on without mentioning that. The WhatsApp founder mentions instead how he develops this unverified code running on insecure TCB to fight the kind of governments he escaped as a kid. Despite the fact that breaching this would be child's play for our government surveillance state.

I'll add this gem from the writer:

"The result is practically uncrackable encryption for hundreds of millions of phones and tablets that have Whatsapp installed—by some measures the world’s largest-ever implementation of this standard of encryption in a messaging service."

Uncrackable encryption for "hundreds of millions of phones and tablets" that our governments have 0-days for. And now have a Facebook-owned app to ensure their privacy. Why aren't more people laughing at this lol?

Winter • November 20, 2014 4:44 AM

I agree with p. The content of messages is largely irrelevant. The value is in the metadata: who contacts whom when. Short messages between people who know each other well are extremely difficult to evaluate.

I am more interested in knowing whether the metadata, e.g., end point addressees, are encrypted in-flight. Because that would prevent metadata eavesdropping outside Whatsapp.

Nick P • November 20, 2014 6:58 AM

Nate makes a great point:

"Pay $19 billion, get potential Federal national-security charges, and no monetizable data in return. Is that really a good deal for a company like Facebook?"

Also remember that Facebook works with NSA and is owned by a company connected to Russian mob. Facebook's acquisition would be a great deal for its partners.

anon • November 20, 2014 8:54 AM

Just download the app for a bit and get some familiarity with it.

You never set up a username ... It just makes your cell phone number into your user name - we're already giving up identifying information and I haven't messaged anyone yet.

Then you don't ever have to actually add any contacts ... It automagically checks the contact list on your phone and adds any of them (because their phone # is their username) who have WhatsApp to your WhatsApp contact list.

So I still haven't messaged anyone but they know my phone number and the phone numbers of all of my contacts. Because it's difficult to buy a smart phone as a burner, those phone numbers are probably linked to our name, address and payment information ... leaving a great metadata trail for investigators.

But that's not the issue. WhatsApp has never claimed to provide anonymity and anyone who's used the application for even a minute knows that all their metadata is owned. What they're providing is confidentiality of your actual messages and a promise not to monetize your metadata, in return for your subscription fee. That metadata will still be available to WhatsApp and it should be assumed that it's also available to the police with minimum friction.

This is not bitmessage or threema or silent circle ... but it still deserves a pat on the back because it's not google hangouts or FB messenger either (those services store your content in plain text on their servers).

I think we should applaud advancements like this, while making sure that no one misunderstands their level of security.

Pantagruel • November 20, 2014 9:26 AM

Textsecure is a valuable asset well worth what facebook paid for it. We're talking about people who are stupid enough to use facebook. A customer like that is worth his weight in gold. You could sell him a magical invisibility hat.

BoppingAround • November 20, 2014 9:51 AM

> What they're providing is confidentiality of your actual messages and a promise not to monetize your metadata, in return for your subscription fee. That metadata will still be available to WhatsApp and it should be assumed that it's also available to the police with minimum friction.

And for everyone else sooner or later (if not now). Their 'promises' are not worth anything. They are *words*.

> Whatsapp info isn't sold by Facebook to advertisers. They have their own business model where they earn 99¢ per year per customer after the first year, which is a freebie. They refused to monetize user data and made their independence a condition of selling to FB.

Subscription fee? 99 cents per year? Verizon charge much more for a month and still sell you to advertisers.

By the way, in April 2012 FB bought Instagram. I am not aware what the conditions were though. Eight months later this was introduced. I'll provide a copy of the text below:

On December 17, 2012 Instagram announced a change to its terms of use, stating that "you agree that a business or other entity may pay us to display your username, likeness, photos (along with any associated metadata), and/or actions you take, in connection with paid or sponsored content or promotions, without any compensation to you".

There was no apparent option for users to opt out of the changed terms of use without deleting their accounts, and the move garnered severe criticism from privacy advocates as well as consumers. After one day, Instagram apologized saying that it would remove the controversial language from its terms of use.

"Our intention in updating the terms was to communicate that we'd like to experiment with innovative advertising that feels appropriate on Instagram."

I am not sure if applauding for the false sense of security is the right thing to do.

Nate • November 20, 2014 2:37 PM

Those numbers don't seem to quite add up.

At $1 per user per year and 500 million users, that's a gross income (not profit) of $0.5 billion per year if WhatsApp's revenue stream is coming only from user charges.

Facebook paid $19 billion. Are they really expecting to wait 40 years just to make back their initial investment?

Nate • November 20, 2014 3:15 PM

And from the Slashdot article:

"because texting internationally via WhatsApp costs you 63p a year as opposed to nearly that per text! All the ex-pats and foreigners that I know seem to be the biggest users of it."

So. We have a messaging application which is _primarily used by expats and non-American citizens_ - for whom the NSA can take the full 'gloves off' approach and would be VERY interested in eavesdropping. And for which $19 billion was paid.

And suddenly THIS application is the one for which a US-based company claims to be introducing unbreakable encryption.

I'm sorry that I'm so cynical. I really am.

By the way, the Register noted that Whisper Systems (along with Tor and several other privacy projects) received $450,000 from Radio Free Asia - which is pretty much an official State Department / CIA propaganda organ, isn't it? How exactly does this work as a coherent national security strategy, when State is funding 'privacy' while NSA is funding eavesdropping?

https://www.opentechfund.org/sites/default/files/attachments/otf2013annualreportfinal.pdf

Tbqh the feeling I get from reading that report is less 'tools for privacy' than 'tools for starting revolutions against governments we dislike, ie, China. Did we mention China? China.'

With the suspicion that if you tried to use these US government funded 'privacy and activism tools' against the 'wrong' government, you might find they didn't work so well.

As I said, I'm sorry I'm so cynical.

Nick P • November 20, 2014 3:55 PM

@ Nate

You mean the Open Technology Fund invested in them? Cuz the document shows they fund a lot of good projects with the likes of Moxie and Bruce as advisors. That spooks want cheap privacy tools for themselves sometimes works to our advantage.

You're probably right about their intent, though. I'll add that a lot of this runs on insecure platforms. Means they can accomplish the mission without destroying SIGINT capabilities. I think OTF has the habit as a side effect of responding to demand for specific platforms or tools. That it also ensures SIGINT effectiveness is just something spooks hope for and usually get.

Good news is there's a few companies and FOSS trying better approaches.

Nate • November 20, 2014 6:40 PM

@nickp: Yes, I mean the Open Technology Fund literally IS a Radio Free Asia program directly sponsored by the US State Department through Congress. On page 4:

"The Open Technology Fund is a Radio Free Asia (RFA) program created in early 2012 with U.S. Congressional funds and sustained through annual grants to RFA from the Broadcasting Board of Governors (BBG) to promote global Internet freedom and combat online censorship. Although RFA’s mission is to support the free flow of information and press freedom to closed societies in Asia, the BBG has given OTF a global remit in order to carry out Congress’ mandate to support Internet freedom in repressive societies worldwide. The BBG selected RFA to house its new global internet freedom program because of its responsive and agile profile, nonprofit nature, and ability to a leverage private funding, among other factors.

..

In FY 2013, OTF received $4.3 million from the BBG. Nearly ninety percent of OTF’s grant funds from the BBG were used in direct support of OTF’s programmatic work, composed of 20 projects and initiatives aimed at promoting Internet freedom. Of this portfolio, 17 were groundbreaking anti-censorship and circumvention projects that increase unrestricted access, security and privacy for Internet users in censored environments worldwide. OTF also implemented three service-based initiatives to strengthening the Internet freedom community writ large by augmenting privacy and security standards, building localization capacity, and enabling rapid response to emerging Internet freedom challenges anywhere in the world.

..

Open Technology Fund Annual Report: Key Results from Fiscal Year 2013
In Fiscal Year 2013, the OTF program:
• Supported the growth of censorship-resistant secure online chat and text messaging from 200,000 regular users to over 10 million globally;
• Funded the creation of the first open-source Mobile Human Rights Reporting tool capable of circumventing repressive firewalls and enabling voluminous data collection and analysis;
• Partnered with leading Internet security experts to conduct 30 technology code audits leading to the patching of 185 privacy and security vulnerabilities identified in both OTF and non-OTF-funded Internet freedom technologies currently used;
• Supported detailed security and privacy assessments of more than 100 mobile networks worldwide;
• Established and grew a localization platform of more than 1,400 people working to translate 30 tools and 1.7 million words into 180 languages and dialects including Arabic, Farsi, Korean, Tibetan, Mandarin, Spanish, Ukrainian, and Vietnamese;
• Publicly released four reports including Collateral Freedom in China, an exploration of Chinese circumvention technology; How to Evaluate Technical Audits as a Funder, a methodology for funders looking to conduct security audits; Access and Openness: Myanmar 2012, an assessment of the telecommunication, censorship, and online safety landscape in Burma; and Tools for Communication Security;
• Increased circumvention capacity in the Middle East and Asia by activating the first high-capacity Tor exit-node in South East Asia and establishing a Secure Cloud node in Istanbul, Turkey;
• Supported the creation of a Tunisian civil-society “hackerspace” defending Internet freedom for the region;
• Conducted eight informational training sessions for NGOs, journalists and human rights activists on anti-circumvention tools for use in regions where freedom of expression is continuously threatened;
• Pioneered increased transparency through full disclosure of OTF’s financial expenditures and programmatic operations online at www.opentechfund.org and in public reports;
• Diversified the OTF Advisory Council to expand the scope and breadth of expertise guiding OTF project decisions by tripling the Council from 6 to 18 members;
• Convened an Internet Freedom summit of OTF project teams, OTF’s Advisory Council, NGOs, and partner funders for in-depth discussion, technical collaboration, brainstorming coordinated solutions and strategic planning for the coming year;
• Received unprecedented interest from potential projects, vetting 68 concept note submissions requesting over $17 million, a fivefold increase from 2012;
• Significantly expanded OTF’s proposal and project evaluation system, making it easier to compare and monitor current and potential projects; and
• Maintained lean and agile operations, with nearly 90% of OTF’s budget - approximately $3.8 million - directly supporting programmatic work.

THIS IS EXACTLY THE SAME US CONGRESS THAT JUST VOTED TO REJECT THE NSA REFORM BILL. They may be politicians, but they didn't get there by being dumb. They're not doing this to destroy the same mass eavesdropping projects they support. They're looking for specific strategic foreign policy payoffs from these projects.

Look at what they're supporting. Activism against 'closed governments' with a focus on Central and East Asia. This rings very strong bells for me with Sibel Edmonds' claims about foreign policy support of 'democracy' campaigns in Central Asia being all about undermining China.

Running Tor exit nodes isn't exactly about making it harder to eavesdrop on Tor, is it? And likewise, I would be very interested in exactly WHY they chose Whisper Systems to endorse.

I don't know Moxie Marlinspike from Abraham Lincoln, to be honest. He might be literally incapable of error. I just know that I'm looking at a funding document which suggests to me that what's happening at Whisper Systems is exactly what the CIA, NSA and diplomatic-military-industrial want happening.

My question is, WHY do they like this project so much?

Nate • November 20, 2014 7:08 PM

"OTF reports to RFA’s President, who in turn reports to the BBG’s Board of Governors. The BBG Board, which is a bipartisan board with nine members, eight of whom are appointed by the President of the United States and confirmed by the U.S. Senate including one designee as the Chairman of the BBG. The ninth member ex officio is the U.S. Secretary of State."

Advisory council:
Kevin Bankston, Policy Director, New America Foundation’s Open Technology Institute
Gustaf Björksten, Technology Director, Access
Matt Braithwaite, Google
Michael Brennan, SecondMuse
Kelly DeYoe, Team Leader, Internet Anti-Censorship Program, Broadcasting Board of Governors
Cory Doctorow, Author, Journalist, and Activist
Peter Eckersley, Technology Projects Director, Electronic Frontier Foundation
Gunnar Hellekson, Chief Strategist, Red Hat
Anthony D. Joseph, University of California at Berkeley
Zane Lackey, Director of Security Engineering, Etsy
Katherine Maher, Director of Strategy and Engagement, Access
Moxie Marlinspike, Institute For Disruptive Studies
Andrew McLaughlin, betaworks / Berkman Center for Internet & Society
Haroon Meer, Founder, Thinkst
Dr. M. Chris Riley, Senior Policy Engineer, Mozilla

Bruce and Cory I trust. (Perhaps I shouldn't?) But... seriously, doesn't it wtf the brain to believe that this is a Dept of State program which is DIRECTLY opposing the DoD's highest cyberwar plan?

I suppose it's _possible_ that State and DoD are fighting an undeclared Internet privacy civil war against each other....? But do we really think that?

Nick P • November 20, 2014 7:09 PM

@ Nate

Oh ok then we seem to be on the same page. There are U.S. government groups (esp NSF and DARPA) that fund strong security for the stated reasons. Mainly for their own use. However, CIA doesn't usually do this and anything like this they fund likely has an agenda. The one you describe is probably one of them.

I think another is as cover for their own agents and activities. Like with In-Q-Tel, the CIA likes building stuff that everyone can use and improve so long as it benefits them. The main problem with most strong security & anonymity systems is that few people are using them. If they get one widespread, their people can disappear in the crowd by using it or a hardened version that looks like it on the surface. The weak implementations allow others using it to be targeted via SIGINT, while the good enough security it provides allows their spymasters & agents to hide in crowds of dissidents.

That's my theory on their side of things. I'm more inclined to believe it because it's how I did OPSEC: embed into popular protocols. I especially liked putting covert channels into Bittorrent streams because they can send a ton of data & there's no indicator of who the real recipient is.

Nate • November 20, 2014 7:15 PM

(Sorry, missed three advisors):

Bruce Schneier, Security Technologist and Author
Ian Schuler, CEO, Development Seed
Jillian C. York, Director for International Freedom of Expression, Electronic Frontier Foundation

Nick P • November 20, 2014 7:15 PM

@ Nate

"My question is, WHY do they like this project so much?"

It protects hundreds of millions of users at once with great usability. It subverts hundreds of millions of users at once with great deniability. It does both at the same time. Who knows... ;)

"doesn't it wtf the brain to believe that this is a Dept of State program which is DIRECTLY opposing the DoD's highest cyberwar plan?"

I've posted before that the U.S. government has a case of multiple personality disorder. There are plenty of groups that sponsor things that DOD opposes. Even DOD. Who do you think taught me (via their papers & product design choices) how to build highly secure systems? It was mostly research papers from military engineers, papers by academics that were government funded, and evaluation reports by NSA on highly secure products. The U.S. government funds good shit all the time, often with good descriptions of the specifics.

This one is suspicious because of Radio Free Asia being the funding source. Otherwise, it looks a lot like the others with a bit more structure, diversity, and sustainability. A good program with questionable purpose. So, we're left with more questions than answers unfortunately.

Nate • November 20, 2014 7:27 PM

@nickp: Yeah, the 'hiding agents in a crowd' idea makes sense. But still... there has to be some kind of backdoor, doesn't there? Or - as with GPS - at least the ability to selectively choose *where* to enable mass crypto for plausible deniability and where to turn it off to enable surveillance.

Seems to me the ideal for both State and DoD would be:
1. Total security for military/diplomatic comms.
2. Total anonymity/security/deniability for secret agents.
3. The ability to 'turn on' underground movements at a whim and 'turn them off' when their usefulness is gone.
4. The propaganda boosts from both supporting Democracy, Freedom, Apple Pie AND Zero Tolerance For Crime/Drugs/Terrorism
5. The ability to read anyone's mail, even your own underground activists, at any time for any reason and leave no trace.
6. The ability to deny the same to any adversaries

It's probably impossible to get all of these at once. And I can believe that there are multiple directly opposed missions in foreign policy and intelligence and factions that fight each other; even the NSA has two opposed missions (SIGINT vs COMSEC). I'm just... it's wheels within wheels and turtles (on elephants on skateboards) all the way down. The sheer mass quantity of spin is dizzying, and makes me feel a little sick.

Marcos El Malo • November 21, 2014 6:25 PM

"THIS IS EXACTLY THE SAME US CONGRESS THAT JUST VOTED TO REJECT THE NSA REFORM BILL. They may be politicians, but they didn't get there by being dumb."

Thanks for the comedy.

anon • November 21, 2014 9:12 PM

@ BoppingAround

"Their 'promises' are not worth anything. They are *words*."

Their promises are as valuable as their brand (read: $19 billion). Their reputation and customer loyalty would suffer if it was publicized that they were selling metadata because the entire mantra of the company from day 1 was that they offer a paid service to their customers and will not sell their data to advertisers. That means most of their customers are only paying them because of that promise ... lose the promise, lose the business.

"Subscription fee? 99 cents per year? Verizon charge much more for a month and still sell you to advertisers."

Verizon is a telco ... telcos have a special place among privacy unfriendly companies that doesn't have an equal in silicon valley's corporate culture.

"I am not sure if applauding for the false sense of security is the right thing to do."

When you shared that Instagram story, you admitted to not knowing the terms of Instagram's sale to FB and consequently ... you don't know how those terms compare to the terms under which WhatsApp was acquired. You essentially admitted ignorance and still insisted that your false sense of paranoia was grounded in a prudent conclusion.

@ Nate

"Those numbers don't seem to quite add up.

At $1 per user per year and 500 million users, that's a gross income (not profit) of $0.5 billion per year if WhatsApp's revenue stream is coming only from user charges.

Facebook paid $19 billion. Are they really expecting to wait 40 years just to make back their initial investment?"

They also sell "stickers" as an in-app purchase. These are kind of like emoji but with higher resolutions and sometimes animated ... they might be hand drawn and artistic or they might be comic-like and connected to outside brands.

You can be forgiven for not knowing about the multi-billion dollar sticker industry because it's not that popular with Americans. It's huge among youngsters in Japan and emerging markets where they'll often speak without using any words at all ... relying only on very expressive stickers. I posted an NYT article about it below.

http://www.nytimes.com/2014/05/26/technology/no-time-to-text-apps-turn-to-stickers.html?_r=0

BoppingAround • November 22, 2014 11:12 AM

anon,

> Their reputation and customer loyalty would suffer if it was publicized that they were selling metadata because the entire mantra of the company from day 1 was that they offer a paid service to their customers and will not sell their data to advertisers.

Still, they seem to consider that as one of possible future outcomes:

> WhatsApp is currently ad-free and we hope to keep it that way forever. We have no intention to introduce advertisement into the product, but if we ever do, will update this section.

Source: http://www.whatsapp.com/legal/

> When you shared that instagram story, you admitted to not knowing the terms of instagram's sale to FB and consequently ... you don't know how those terms compare to the terms under which WhatsApp was acquired. You essentially admitted ignorance and still insisted that your false sense of paranoia was grounded in a prudent conclusion.

Don't you know what kind of company Facebook is?

Anyway, I would be grateful if you would provide some info regarding terms of WhatsApp's sale to FB. All I have managed to find so far talks about future monetisation and the value of WA data to FB.

anonNovember 22, 2014 12:58 PM

I googled "whatsapp independent facebook" and got several good articles (from the likes of the wall street journal, the economist and techcrunch) detailing how WhatsApp would have access to FB's resources while "remaining completely independent" (all on the 1st page of results).

Some of those articles have quotes from either Koum or Zuckerberg emphasizing that point.

http://techcrunch.com/2014/02/19/facebook-buying-whatsapp-for-16b-in-cash-and-stock-plus-3b-in-rsus/

http://blogs.wsj.com/digits/2014/02/21/whatsapp-ceo-on-facebook-deal-its-about-staying-independent/

http://www.economist.com/news/business/21596966-why-mark-zuckerbergs-social-network-paying-such-whopping-sum-messaging

http://www.techtimes.com/articles/15019/20140905/facebook-zuckerberg-bets-on-whatsapp-reaching-nearly-half-the-world-population-how-scary.htm

Mike (just plain Mike)November 23, 2014 11:19 AM

@Nate @Bopping @anon

One of the things I think is often overlooked regarding FaceBook’s purchase of WhatsApp is the rate at which WhatsApp was growing at the time. It was (and still is) a *paid* for service with *no* advertising – and people were loving it, and they were piling on board exponentially. WhatsApp was giving the lie to “you can’t compete with free” with “if the price is right people will pay to not have adverts and not have details of their lives drained for the benefit of corporate entities” – and if you think about it, if that is true, then it is a *massive* existential threat to the business models (== sell advertising) of most of the major internet companies – FaceBook principally among them. Thinking this way allowed me to make some sort of sense of the insane amount FB paid for WA. I think the WA people have (had?) a genuine point – with the cost of running servers falling by the minute how much do you really need to charge per user per year for services like FB to cover their basic running costs these days? Sure, such enterprises will always be *much* more profitable – and much crapper for the user – *with* advertising – but how much would you (well – maybe not you – but an average FB user) pay per-year for a version of FB or other ‘social’ services (or internet search even) that was completely advertising free and was essentially aligned with *your* interests because you were paying directly for the service it was providing? Would you pay $1 per year to not have adverts? No? Wait five years and it could get as low as $0.1 per year maybe? Would you pay that to not have adverts and not have you life strip-mined? I’m guessing it is very much in the interests of big-data/advertising and also in the interests of surveillance-happy-governments to keep the “you can’t compete with free” model/dogma going as long as possible because it very much justifies... in a plausibly deniable way... the collection of all of that personal data. 
God forbid we develop a true market in which people actually pay directly for the services they want – who knows what kinds of secure systems that might spawn? I guess it was in the interests of a wide spectrum of powerful entities that WhatsApp ended up on the inside of the tent pissing out, rather than on the outside of the tent pissing in.

BoppingAroundNovember 23, 2014 5:19 PM

anon,

Thanks for the links. Seems some authors agree that this is an 'odd' deal indeed.

Mike (just plain Mike),

You offer quite an interesting perspective here. However, this whole thing does somewhat baffle me. Is it *really* a threat? WA is pretty big in terms of userbase, yes, but are there any other entities that follow this model?

anonNovember 24, 2014 8:22 AM

There are others - like Threema - but WA is the only one that's gotten this much popularity through a paid model. There are apps without adverts, like Viber, Line and WeChat, but they rely on the sticker business model - some are earning over 0.5 billion in revenue per year with that model. Usually they sell a 12-pack bundle of clip art that you can use in your conversations for 99 cents. It's a non-intrusive option because people who don't buy those stickers are unaffected.

Then there are companies like SnapChat and Telegram that don't have advertisements but they also have 0 revenue so they're probably trying to build as large of a user base as possible, before committing to a business model.

FB wasn't interested in the $1 billion / year that WA can earn now. It was mostly about emerging markets and their http://internet.org/ campaign. The founders of WA and FB are talking about bringing the internet and mobile to 3rd world countries and making WA into the killer app for this new market. They're talking about potentially having half the world as WA users.

Mike (just plain Mike)November 24, 2014 12:51 PM

@Bopping

Baffles me too really – my thoughts were just a way to try to make sense of it – 20 billion is really quite a large amount of money – so I was trying to think of what made WA ‘special’, and the only thing I could really think of was that it was likely *already* self-sustaining from a business perspective (not like they were employing thousands of people) and it was very popular and growing very fast. The standard-issue start-up strategy is to give people something for free in an utterly non-sustainable way in the hope of attracting enough users to get bought up by one of the existing advertising funded behemoths - as time goes on you get potentially more and more vulnerable -, or to transition at some point to advertising knowing it will aggravate your users, poison ‘the experience’ and thus sap user uptake – possibly with fatal consequences in the longer run... whereas WA was presumably already financially viable, scalable and scaling fast – it didn’t need anyone else’s help thank you very much... and was presumably just going to get bigger and bigger, and could then perhaps have become more of a general application platform – I don’t know. Anyhow – looks like a dump-truck full of money did the trick – but I suspect there will be others.

Snake Oil GourmetNovember 29, 2014 9:14 PM

Unless the source code of WhatsApp is published this is just a marketing step. Unless they give us the full source code of WhatsApp you have no guarantee there is no backdoor and no way to verify that the implementation does not have major flaws.

This is just one more snake oil, and that Moxie Marlinspike gives his name to this is a shame.

Moxie does not give us any guarantees that there is no backdoor left inside. Does he? No, he doesn't.

Snake Oil, tomorrow for lunch.

MykolaMarch 15, 2015 2:26 PM

As of now (2015-03-15) WhatsApp still uses a scheme with decryption of messages on their servers. At least on Ukrainian numbers (+380...).

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.