> when provided with evidence showing that any other WhatsApp user is infringing Zee’s copyrights by selling copies of its film, WhatsApp must suspend the corresponding accounts within 24 hours.
So this does not require Whatsapp/Facebook to proactively monitor its network and suspend users who share it (if it did and Facebook complied, it would disprove their claim that e2e encryption as they use it provides sufficient privacy).
Anecdata: I recently shared a private FB event link with a friend over WhatsApp (DM, not group chat) while we were in the same room. She saw and opened it. Some hours later it was gone from both of our chat histories on all devices, with no notice of deleted messages. Earlier and later messages were intact.
I don't see how this could happen if that claim was true.
I have a more clear event: At my company we regularly communicate single use credit card numbers for company purchases. One of those was sent via WhatsApp, and stolen. Neither the origin phone nor the destination phone were compromised. The card was used to purchase Adwords, the transaction originated in the US (we are in Europe).
Our theory is that at least images on WhatsApp are human-reviewed, and one reviewer saw the credit card go through and took the opportunity.
We reversed the transaction and switched to Signal...
At least on android, most whatsapp data is stored in a folder named whatsapp, which can be accessed by any app with storage permission. So you can see all sent/received images and videos in photo viewer apps etc. Signal stores them in a place which at least in Android 11 can't be accessed by other apps.
It's a virtual card, generated in the banking app, to be used one single time. The card never existed outside the bank IT systems or the phones involved in the communication.
WhatsApp does have a list of banned hashes for images so that certain images cannot be sent - this hash check is done on the client so as not to break e2e encryption.
> I don't see how this could happen if that claim was true.
I don't see the relation. They could (and I'm sure they do) attach a message id to the e2e-encrypted payload, shared between message sender and receivers. They could remotely delete messages by id, either by design or through a bug. None of this requires breaking e2e.
I mean, I'd argue that remote message deletion by id should not be possible (i.e. the client should not permit it) and certainly not without user notification, but that's a different matter.
Deleted message contained more text than only the link. The event was quite small and local (social event with <200 participants). The organizer (a friend of mine) had asked people to not share the link via social media.
While what you're saying is theoretically possible, I find it such a stretch that the only reasonable explanation save for some very unlikely bug is that message contents are indeed accessed in some form outside of our own devices.
Yes indeed, to request the OpenGraph metadata. Though technically not needed I assume that any hyperlink will be readable by WA/FB. Does anyone know if these requests go via their own servers?
It would be terrific to find a way to reproduce this.
What do you believe is the likely reason for the link to be deleted? Do you think that the organizer (your friend) did something at his end that caused the link to be deleted everywhere? I.e., he wanted to delete the link. In that case, it should be possible to reproduce this.
Or do you think Facebook or WhatsApp disapproved of the link and therefore deleted it? Was it something controversial or against Facebook rules? It could be possible to reproduce that as well if a group of users shares an equally controversial link.
I agree. It really beats me. The organizer did write on the event info page something like "don't share on SNS". While it's a curious coincidence that it's specifically this link that gets deleted, AFAIK there's no way for an organizer to prevent sharing apart from making the event private and requesting attendees in free-text to keep it to themselves.
The only thing that I think could potentially be controversial would be that it was a social gathering during the pandemic. The event page itself was and still is up. If it was deemed against FB rules I'd expect it to be reflected in some way on FB, and not just by deleting WhatsApp messages referring to it.
I really can't give a good reason apart from "some ML model got triggered somehow, which prompted a human somewhere to look at it for a couple of seconds and click the delete button"
Regardless of e2ee, they might have code bundled in the WhatsApp app that just deletes local video messages based on a hash. That wouldn’t break encryption.
The client can delete the message if the decrypted hash matches a certain blacklist. It doesn't have to happen on the FB servers.
Such a mechanism allows governments to turn WhatsApp into a propaganda machine very easily, though, so I'm not sure if I would consider such a mechanism for my app if I were in a similar position.
You cannot and should not be able to use a hash or rainbow table for encrypted messages. If that is possible (you don't use a nonce), then your encryption is broken since many common messages can be looked up in a rainbow table and you can use replay attacks.
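The distinction these comments are arguing over, as an added example that is not part of the original thread: with a fresh nonce per message, a relay cannot match a file by hashing ciphertext, while the receiving client can hash the decrypted plaintext against a local blocklist. The toy cipher (HMAC-SHA256 keystream plus tag), the sample bytes and all names are constructed for illustration and are not WhatsApp's implementation.

```python
import hashlib
import hmac
import os

# Constructed sample data: a "file" users forward, and a blocklist entry for it.
BLOCKED_FILE = b"constructed sample bytes standing in for a blocked video"
BLOCKLIST = {hashlib.sha256(BLOCKED_FILE).hexdigest()}

def _prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def _keystream(key, nonce, length):
    """Toy keystream (HMAC-SHA256 in counter mode); stand-in for a real AEAD."""
    out, counter = b"", 0
    while len(out) < length:
        out += _prf(key, nonce + counter.to_bytes(8, "big"))
        counter += 1
    return out[:length]

def encrypt(key, plaintext):
    nonce = os.urandom(16)  # fresh per message, so equal plaintexts differ on the wire
    stream = _keystream(_prf(key, b"enc"), nonce, len(plaintext))
    body = bytes(a ^ b for a, b in zip(plaintext, stream))
    return nonce + body + _prf(_prf(key, b"mac"), nonce + body)

def decrypt(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac"), nonce + body)):
        raise ValueError("authentication failed")
    stream = _keystream(_prf(key, b"enc"), nonce, len(body))
    return bytes(a ^ b for a, b in zip(body, stream))

def server_view_matches(blob):
    """All a relay without the key can test: a hash of the ciphertext."""
    return hashlib.sha256(blob).hexdigest() in BLOCKLIST

def client_view_matches(key, blob):
    """What the receiving client can test after decrypting locally."""
    return hashlib.sha256(decrypt(key, blob)).hexdigest() in BLOCKLIST

def demo():
    key = os.urandom(32)  # session key known only to the two endpoints
    first, second = encrypt(key, BLOCKED_FILE), encrypt(key, BLOCKED_FILE)
    return {
        "ciphertexts_differ": first != second,
        "server_match": server_view_matches(first) or server_view_matches(second),
        "client_match": client_view_matches(key, first),
        "client_match_other": client_view_matches(key, encrypt(key, b"holiday photo")),
    }

if __name__ == "__main__":
    print(demo())
```

The transport encryption stays intact in both cases; what changes the privacy picture is what the client does with a match after decryption.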
This is of course great, but such hash based filters for images or videos can be circumvented easily by just flipping one bit (without corrupting the file). I guess what we really need is some kind of ML trained filter that has a great rate of success and a very low false positive rate.
> if it did and Facebook complied, it would disprove their claim that e2e encryption as they use it provides sufficient privacy
You made me envision this "end-to-end encryption" scheme:
- Alice sends a message to Bob. True to its word, WhatsApp encrypts the message on Alice's client and transmits it through to Bob without the WhatsApp server ever being able to read the message.
- Bob receives the message, which is decrypted for his viewing by his WhatsApp client.
- Bob's WhatsApp client reads the message and reports it back to the WhatsApp server.
> Bob's WhatsApp client reads the message and reports it back to the WhatsApp server.
In every copy of the app, WhatsApp explicitly says, "Your messages, calls and status updates stay between you and the people you choose. Not even WhatsApp can read or listen to them."
Of course, the scenario you describe is possible, but WhatsApp would be lying.
A lawyer could argue that sending a hash of the transmitted file (or, preferably, locally verifying the hash against a blacklist) is substantially different from sending/reading its contents.
That’s true but the Digital Millennium Copyright Act is a US law and this is an Indian court. So it’s similar in that what has to be reported is the act of a user sharing the content, but the reaction the platform has to take is different.
Most likely, because if they refuse and it's infringing then it's them (WhatsApp) getting dragged to court for not following the court's orders. I suspect it'll end up similar to how most service providers handle DMCA takedowns: honor it without question. If it's invalid, the affected party can take it up with whoever submitted the request as far as WhatsApp is concerned.
FFS, those do not require active monitoring. Article 17, formerly known as article 13, explicitly states: "8. The application of this Article shall not lead to any general monitoring obligation."
general in that statement is a weasel word, and including it in the official article text is a clear indication of intent:
"Yes, we recognize this requires setting up a monitoring infrastructure for compliance with the article, but we reserve the right to publicly condemn any company that uses that same infrastructure for self-serving purposes."
You could, you know, read the article before you start spreading FUD about it. Maybe the answers you seek are in it.
In the end it doesn't matter how it will be followed. If general monitoring is the only way to follow it then nobody needs to follow it. Simple as that.
I always thought that they only managed the public keys.
I thought that your backup is stored in iCloud or Google Drive unencrypted. Facebook doesn't have direct access to that. Your phone must be already logged in to those services.
They broker the public key exchanges and IIRC the clients trust the broker when it claims that the previous key owner (definitely not Eve) has generated a new keypair. There is a setting (opt-in!) to even see when this occurs but once it does your oh-so-compliant client has already re-encrypted the old messages with the recipient's new pub key and sent them along. This behavior is by design.
Some folks will tell me "but it's end-to-end!" and it feels kinda like they're telling me that it's "what plants crave."
EDIT: if you don't believe me, turn on the setting, have a friend reinstall the app and watch the re-keying happen. It's indistinguishable from an attack unless you trust the broker. If you trust the broker, then why claim it's "end to end"? Also refer to the various articles that describe this behavior that WhatsApp says is by design.
Double EDIT: why is it this way by design? Because it would be a PITA if every time you replaced your lost phone your buddies got a warning that looked like "Either Dave has got a new phone or the NSA is attacking you. Resend ten years of hilarious memes and intimate conversations to whoever is on the other end?" Real cryptography comes with real inconveniences when you lose your keys. It's the same kind of headache with securing cryptocoins - if you lose the secrets you lose the money. Trusting an agent is the only way to escape, but it comes at a significant cost. Cryptocoin custodians like exchanges get attacked all the time. And communication broker/relays get lawful intercepts all the time.
> Resend ten years of hilarious memes and intimate conversations to whoever is on the other end?
AFAIK, it won't resend already received messages; if the other end didn't have a backup, these ten years of old messages are lost for that end. I don't know whether it will resend sent but not yet received messages, and it certainly will use the new key for new messages (but at that point, you already received the "key changed" alert).
AFAIK, there are two kinds of private keys here. There's one key used to encrypt the backups, which can be either local (on the device) or sent to Google's or Apple's servers; that key is AFAIK kept by Facebook (unlike Signal which asks you to write it down), but it's useless without the backup files, which most probably Facebook cannot access directly. The other key is the ratcheting end-to-end encryption key, and AFAIK that's only kept by the device itself; if you have the right option enabled, you can see whenever someone you're talking to installs WhatsApp or Signal on a new device, since you'll be warned that the key has changed.
As I understand it, with backups disabled, at least the text messages are protected. I would expect file contents of unknown files to be protected but file hashes to potentially leak.
The movie in question is getting streamed at a pay-per-view price of Rs.249, and is failing to generate revenue magnificently. It should have been obvious, no one is going to pay theatre-ticket prices to watch a silly[0] movie on their little phones.
What theatre-owners fail to realise is that many people pirate the movie not to avoid the payment, but because MANY people hate theatres as an establishment.
I want to watch in a small, portable screen changing positions on my couch, not sitting in a static position for over an hour, on a huge screen, full of lines, people, smells, and even 20 minutes of ads.
I wouldn't mind paying the price TO SEE A MOVIE. It's just that all the rest of the theatre experience is crap.
A similar point was made by Gabe Newell about gaming. Piracy is first about access and convenience.
Also, most cases of piracy are of those who otherwise couldn't afford or would not have paid the theater experience. So the pirate is a ghost customer who only exists in the pirated world.
I never paid for western shows up until Netflix came along. I never paid for games until Steam started using regional pricing. I never paid for music until Spotify.
In every case it was about access, convenience and the willingness of the service provider to meet me where my wallet was.
I just read yet another nagging popup with assurances that my messages are private and encrypted, so how can Facebook read message to supposedly pirated movie? ... and to accept new policy
Whenever you communicate with a user or a group on WhatsApp, your phone number is visible to that user or group. If anyone of the users in that group is a rat, they can divulge all the conversations to law enforcement including all group member details.
Bottom line: choose your friends wisely or join seedy groups with caution.
All the encryption in the world won’t do you any good if the recipient of the message can’t be trusted. And the larger the group the more likely it is that someone is a bad actor.
One thing I've always wondered, and I think IETF needs to get a working group on.
Where do snitches fall in reference to handling of evilness[originally defined in RFC3514]?
Should the evil bit be set in reference to the activity of a group in isolation of the maliciousness of an implementation of a system operating on a network medium?
Example:
> A group uses a tool or protocol legitimately in the way in which it was designed [non-evil manner] to facilitate an illegal workflow [debatably evil, but at a level irrelevant to the network]. Based on RFC 3514, this group carrying out the illegal activity in a way not malicious to the network SHOULD NOT set the evil bit; they are up to no mischief within the context of the network, as they are making use of hosts as they were designed to be used. A snitch within the group, however, SHOULD set the evil bit, and furthermore, if IPv6, should set the attack identifier to something appropriate since they are exploiting the implicit trust of the network in a malicious way [see RFCs 7258 and the IPv6 relevant part of 3514].
Clearly, there is intent based on related work with optical switches and routing that the evilness bit should cascade appropriately between contexts, such as there being evil lambdas, and evil polarizations, etc.... How then, does one then handle the problem of "relative evilness", in which the state of the evil bit is dependent on higher order constructs, in particular where higher order activities are directly recognized to be a form of network attack, thereby warranting the setting of the evil bit by one party or the other? Note, this issue does not just impact the criminal element, as the same setup could easily afflict law enforcement by which a snitch jeopardizes legal activity through the same attack pattern, or rogue law enforcement participating in unlawful surveillance jeopardize the safety and integrity of the network.
I believe the very future of security on the Internet and the integrity of activity mediated over it is at stake if we cannot reach a rough consensus on this topic.
In our context "evil" just meant that someone breached the secrecy a group assumed to be a shared value.
Encryption is never evil and the tools used to facilitate communication in democratic societies should not be equipped with traps to enforce whatever power positions exist at one time.
It is indeed a safe assumption in this case. I was trying to sneak in a "snitches get stitches" jab to balance out this year's establishment of the Protocol Police, but couldn't quite pull it off.
you could do it by hashing the content and then sending back the hashes to some server for them to check
but really if the code is not open source it doesn't really help for them to claim E2E. You don't really have any guarantees they won't circumvent encryption.
This is quite interesting. On surface, it may seem similar to the DMCA takedown mechanism, but the whole reason DMCA takedown works is because the movie company sets up stooges in the p2p swarm, and uploading to the swarm is the evidence that you are distributing content. Since there is no p2p network, the movie company stooge cannot really prove that anyone downloaded anything in a WhatsApp group. So short of WhatsApp's cooperation, which would break the e2e guarantee, this would not be possible.
One may not help but wonder if the real reason behind this is not a movie with abysmal ratings, but rather a desire by the Modi government to get precedence that Whatsapp can be ordered to suspend accounts at arbitrary accusations.
"Pirates" first, and the next wave will be people critical of his government and especially his Corona clusterfuck. The Modi government already ordered Twitter to silence critics.
Can't really blame facebook for once. Even 0bin.net must obey take down requests. In fact, we often have to comply for requests that don't match our jurisdiction because hosting will shut you down without checking anything.
Facebook have their own infra but still, they can't ignore the law.
Given that WhatsApp is by default E2E encrypted and I think this includes group chats and files this is probably not even possible at any meaningful scale.