Well you type messages in in plain text and they decrypt it to show you the messages at the other end. So they can do the nefarious processing on the client side and send back results to the mother ship. E2EE is only good when you trust the two ends, but with WhatsApp and Messenger you shouldn’t trust the ends.
At the end of the day, you’ve got to trust someone. I’m 200% convinced meta mines the social graph, of course they do, and provide access to law enforcement with a pro forma request. But I’m also 199% sure they don’t actually read your messages once unencrypted, reencrypts them and sends them as hidden payloads or does something else with it. The damage, should it be discovered, would be untold.
And while I don’t trust Meta on a lot of things, I know enough people there to realise that if they did that it would leak.
It wouldn’t matter to them really. Just look at how many people have gmail accounts.
They don’t even have to send the whole messages back to base. They could be categorizing your messages in to themes and sending that back to base as small category flags. Use that to build a profile on you and use those for advertising to you.
You mention something on the theme of ‘broken boiler’ in a message, that gets analyzed on the client in to a category of ‘interest in heating / boiler repair’, plus some adjacent categories based on your demographic. The categorization gets sent back and the next website you visit has an ad for British Gas boiler repair.
Well you type messages in in plain text and they decrypt it to show you the messages at the other end. So they can do the nefarious processing on the client side and send back results to the mother ship. E2EE is only good when you trust the two ends, but with WhatsApp and Messenger you shouldn’t trust the ends.
At the end of the day, you’ve got to trust someone. I’m 200% convinced meta mines the social graph, of course they do, and provide access to law enforcement with a pro forma request. But I’m also 199% sure they don’t actually read your messages once unencrypted, reencrypts them and sends them as hidden payloads or does something else with it. The damage, should it be discovered, would be untold.
And while I don’t trust Meta on a lot of things, I know enough people there to realise that if they did that it would leak.
It wouldn’t matter to them really. Just look at how many people have gmail accounts.
They don’t even have to send the whole messages back to base. They could be categorizing your messages in to themes and sending that back to base as small category flags. Use that to build a profile on you and use those for advertising to you.
You mention something on the theme of ‘broken boiler’ in a message, that gets analyzed on the client in to a category of ‘interest in heating / boiler repair’, plus some adjacent categories based on your demographic. The categorization gets sent back and the next website you visit has an ad for British Gas boiler repair.
Yes but it’s not like people wouldn’t observe the traffic, even if encrypted.