Comment by joshvm
7 years ago
> apparently that practice is widespread among non IT professionals, and I find it rather dangerous. The privacy implications should raise some big alerts.
Is using an end -to-end encrypted service worrying?
I assume whatsapp encrypts media as well as messages (I hope so). If you sent that document to any kind of corporate email account (many people use work accounts for non work stuff) it's liable to be opened by your company. Unless you think Facebook is backdooring Whatsapp it's about as secure as a typical email account.
> Is using an end -to-end encrypted service worrying?
I trust tptacek that WhatsApp is end-to-end encrypted. But it definitely leaks metadata. Nobody is denying that.
Facebook now knows gf is communicating with a lawyer.
Your threat model may vary, but my assumption is Facebook will sell that info to anyone who pays. (Not directly, but definitely using some sneaky ad targetting: all girls, 27-35, this zip code, this education, etc, and who has contacted to a lawyer recently.)
If this isn't possible it is just because they are so busy doing all kinds of worse things that they haven't gotten around to it yet ;-)
I'm only halfway joking: this is the company that fools people who try to be secure into giving up their mobile phone number, then shortly after starts using it for targetting.
I think he meant the same kind of attacks that happened in '90's where you got word docs on your computer filled with malicious macros and now this is all over again as the same attack vector due to widespread of Office360 for mobile.