Hey Folks! Someone in my family (Person A), has talked to a guy, who is working in the tech world, about if it make sense to use Signal, over Messenger, Snap, WhatsApp, with privacy in mind. The tech guy said, there is no difference, and that its not making sense to use it and that its almost the same. I know Signal is discussed alot here, but im now looking for some arguments, and facts to tell the one from my family, that the tech guy is wrong. What arguments can i use, why is Signal better in privacy, then the other alternatives? Person A, has always been sceptical about me beeing so privacy minded, and A thinks that there is nothing to do to protect, and is one of thoese saying : I have nothing to hide.
Edit: thank you for the help
@FriedRice@lemmy.ml Do you still require help?
No thanks.
Here’s my main argument for more private services (I try to make all my arguments short).
According to a study done by proton, a single company makes a minimum of $200 dollars off of each person, each year. Of course, they probably gain more money via clandestine deals or the government buying data directly to get around the 4th amendment.
But that money, doesn’t go solely to the companies dedicated to collecting data, or those parts of other companies. It goes to lobbying the government to strip away privacy further.
And then I have two endings, depending on the situation:
-
Of course, I recognize that in today’s connected world, I can’t get privacy unless I go live in the woods. But I can decrease the amount of money companies make off my data, which I do like.
-
Organizations like the EFF, lobby on the other side, for more privacy for us. But they are opposed by when massive companies like google also lobby. So when I deny google $100, that’s money they can’t use to lobby anymore. Rather than thinking of it as denying google money, think of it as making a donation to the EFF, that they use to ensure our rights are in place.
-
Signal is the only app on that list whose app is open source. That means it can be audited to see if they are telling the truth.
You cannot say the same for the others and you just have to take them at their word. Should we take Facebook at their word?
It’s also the only app on the list managed by a 501©3 non-profit, so you can additionally check where their money goes.
That’s true! I can’t wait to “shoot” back with arguments :-)
Also the FBI took signal to court and the only data they could provide was the date of signup and last login timestamp
This is an important extra point: being open source, a government can’t secretly mandate a back door, because everyone would be able to see it. For the other options listed, there are no guarantees.
They can put the backdoor in themselves though, see the recent xz backdoor. But the question is whether it would be found out or not.
xz backdoor rely on two testfile with malware, some script that do specific thing to malware to unmask and inject. If commit later change any part to break backdoor, signal probably forced to reject to keep backdoor.
But why reject good change? Might raise red flag.
xz almost worked because it was in something nobody was looking at. Signal code is audited regularly.
First of all, Signals code is open. Many people arround the world can check (and they already did) if the messenger lives up to its promises, is secure, private and so on. The others are not. Whatever you think they do, you have to trust a company like Meta. You wanna be that naive?
All those apps collect data: when you are online, where you are online, who is talking to who. Maybe also what you are talking about… we can’t know. For example: Some psychatrists do not use WhatsApp because using such an app in the waiting room would provide Meta with information like ‘you have mental health issues’. Signal on the other hand does verifiable not collect such data.
We also can see bahaviours coming from big companies to direct societies into a direction of their favor. They act like this, because maximum profit and power is what they are working for - they are simply companies. Signal on the other hand is a foundation which aims to provide security, encryption, privacy and fight against censorship (not in terms of content but in terms of countries blocking messenger services). What could be the more trustworthy base?
Btw Signal uses donations to pay their development and Servers so you can use the app for free. What does Meta use to handle costs for WhatsApp, Facebook and so on… Maybe they are charitable 🤞
To name differences:
- No adds
- No tracking
- Local backup (not on Google services or something like that)
- No exchange of personal data like phone number (they use a hash instead)
- You can use a pseudonym in form of a user name to get in contact with others (without telling them your phone number) and you can easily delete it and use a new one
- Signal created the Signal protocol which is called the gold standard, as it is the most secure and to encryption mechanism. They were the first so add resistance against quantum computers
And finally the better question is:
Why should the world use WhatsApp and co and not Signal? They do not have one advantage. If the whole world would use Signal, Threema or similar apps, it wouldn’t lose anything but would win so much. Think about thatSo good written, and understandable. Thank yiu
Whats’ app, while E2EE can still pull lots of information from who you message, how often, the size of the messages, and contact’s phone number. Messenger has the content of your messages and with whom you converse according to Facebook account info stored on Facebook servers. Snapchat has a record of all activity, contacts, and message content. The messages only disappear from app but not from SnapChat servers. All 3 of those record of how you live your life, except Whatsapp can’t see content of messages but still has your activities and contact phone numbers.
Signal was ordered to turn over user content to court and Signal only had when the user last connected to the service and date of account creation. Signal had zero information about messages, when messages were sent, or to whom.
WhatsApp tracks when and who you talk with.
Thar information is used to put people on government target lists and kill them.
Just because the tech guy is a tech guy doesn’t mean they have a sense of privacy, or even know what tech can do, harm wise… maybe for them it’s just hardware specs and Windows installations everyday
That’s so true. I thought so too, but Person A I a hard but to crack 😀
With that in mind, security and privacy are two completely different things.
For instance, I would say that WhatsApp is fairly secure. It just isn’t private at all. Meta can (and does) see and track your meta data.
Why is that important? I liked these 2 examples I read somewhere because they are simple but explain how powerful it is. Your phone calls are private. Your carrier isn’t allowed to listen in on your call to know what you talk about. But they can see that you called a suicide hotline while standing on a bridge. They can see that your doctor’s office called you and then you called an abortion clinic next. The following week your GPS location went to that clinic. Are these things Person A would willingly tell their phone provider? It’s none of their business so I assume not. But they essentially are when they don’t care about their privacy.
Another stance I take is that even if they don’t care about their privacy, can they at least respect mine? I don’t give their phone number out to anybody that asks. But non private apps look at all their contacts so they are doing exactly that to me. Think of the last spam call they got. If they knew it was because of you wouldn’t they be upset?
Show them this: https://techcrunch.com/2025/01/22/whatsapp-wins-reprieve-in-india-over-user-data-sharing/
The dispute began when WhatsApp required users to accept expanded data sharing with Meta’s platforms or risk losing access to the messaging service. While European users can opt out of such sharing, Indian users cannot — a distinction that regulators found problematic.
Meta doesn’t know what you’re talking about, because WhatsApp is e2ee. But they know:
- who are you talking to
- when
- how often
- what else were you doing before/during/after the talk
- links that are shared (the preview fetch is not e2ee afaik)
These are all valuable metadata and given enough of it, they can even infer what you were talking about. Target you with ads on their other platforms (but rumors are that WhatsApp will have ads inside eventually)
(the preview fetch is not e2ee afaik)
Technically, it is, but end to end encryption only covers the data between the ends, and not what one of the ends chooses to do with it. If one end of the conversation chooses to log the conversation in an insecure way, the conversation itself might technically be encrypted, but the contents of the conversation can be learned by another. Or if one end simply chooses to forward a message to a new party not part of the original conversation.
The link previews are happening outside of the conversation, and that action can be seen by people like the owner of the website, your ISP, and maybe WhatsApp itself (if configured in that way, not sure if it does).
So end to end isn’t a panacea. You have to understand how it fits into the broader context of security and threat models.
For the purposes of the average person the tech guy in your op is absolutely 100% correct.
All the platforms listed use transport encryption and that’s enough to avoid mitm surveillance which is enough for most people.
Most people’s “threat model” is the police or a pi. All the apps listed including signal have to comply with orders from American police and have “sidechain attacks” that involve stuff like getting some member of the groupchat’s device and scrolling up or tricking someone into giving up sensitive information.
Just check news, Paragon case in Italy or other past security scandal.
show them a picture of zuckersuckers face and ask if they would trust him with your secrets
For me it is not so much about personal privacy, as against concentration of power.
Insane money combined with capacity of invisible, precise manipulation of mass information is really hurting democracies. Big tech is already richer than most countries, and their negative influence is more visible than ever. So now we, who believe in democratic principles, have to vote not only with ballots, but also with our choices and our conscious attention. The least we can do is resist this concentration of power on personal level. Ideally - do it together.
This is how I see it too. It’s why I use Telegram (which I know is dodgy) but not Whatsapp.
Here are 28 arguments for you to use.
that’s a lot of arguments
These are not designed to penetrate disinformation.
WhatsApp fails to include a libre software licence text file. We do NOT control it, anti-libre software.
This is the most efficient attack and defence. Do NOT copy what others are saying or you WILL get trapped.
Snapchat does not use end-to-end encryption for messages, so it doesn’t even belong in the conversation.
WhatsApp and FB Messenger are somewhat defensible choices since they at least use E2EE by default (Messenger did not until recently). However, there are a few good reasons to favor Signal:
- It is open source. Interested parties can actually verify that Signal’s encryption claims are true. Interested parties can also audit new versions as they released.
- Facebook/Meta, as a company, has a long history of tracking users, leaking user data, and even conducting psychological experiments on users without consent and in secret.
- WhatsApp and Messenger only allow 6-digit PINs to secure your messages. With that PIN, you can decrypt those messages. Signal allows for longer alphanumeric passcodes.
- Facebook makes no promises not to track your usage of Messenger or WhatsApp, only that the messages themselves are encrypted.
Thank you for the list of arguments
