Do Not Trust WhatsApp

July 1, 2020

WhatsApp, with its 2 billion users, is the most popular messaging app in the world. In addition to a user-friendly interface and many useful features, it claims to offer end-to-end encryption, meaning that only the sender and the recipient, and no one in-between, can read the messages. However, some do not feel comfortable using WhatsApp because it is owned by Facebook whose track record on data privacy is not great. It might indeed be a problem, but not the biggest one. The fact that WhatsApp is a closed-source software is what should worry you the most.

Why Open Source?

I am not yet an open-source evangelist but when it comes to data privacy and secure communications, the code being available to the public is a must for me. WhatsApp, like many other messaging platforms, claims to have implemented the Signal Protocol. It is an open-source protocol and the gold standard of end-to-end encrypted communication—it ensures secure exchange of messages between two or more individuals. But although the Signal Protocol is open source, WhatsApp is not. How that impacts us depends on which one (or superposition) of the following universes we live in: The Good, the Bad and/or the Ugly.

The Good

WhatsApp developers have only good intentions and do not make any mistakes.

It is possible that WhatsApp has indeed implemented the Signal Protocol without any backdoors or bugs. It would make little sense for them to risk their reputation and not ensure the one thing that they became known for—privacy. As a matter of fact, if you analyse the messages that WhatsApp transmits, they do seem to be encrypted; well, at least there is no obvious way to decrypt them without a cryptographic key.

The Bad

WhatsApp is evil. (Dear Mark Zuckerberg, this is a hypothetical. Please do not sue me. I am poor.)

Even if WhatsApp communications are encrypted in some way, there is much more to secure exchange of information than just sending an encrypted message. In the end, we still want at least two parties to be able to read those messages; this is where cryptographic keys come in. The Signal Protocol uses a complex process of generating these keys for two (or more) users (see this Computerphile video, for example). However, with WhatsApp being closed source, there is no way of verifying if this process is properly implemented. It is, in theory, possible for them to introduce a backdoor without our knowledge. Such a backdoor could be abused either by the company itself (for commercial purposes) or by other entities, such as governments.

The Ugly

WhatsApp developers make mistakes.

As a matter of fact, all developers make mistakes. With any large software project, there will almost certainly be a scenario that results in an unintended behaviour of the program. Although some of the deviations from the engineered behaviour might be harmless, secure messaging apps should be held to a much higher standard. Having code open to the public allows many more people to spot potential vulnerabilities, which can then be dealt with. Of course, one can make an argument that keeping the code closed source would not allow the bad guys to spot the vulnerabilities in the first place and then exploit them. In practise, this strategy usually does not work because you do not necessarily need to see the code to exploit the vulnerabilities of the software.

What is the Alternative?

Due to its popularity, I focused on WhatsApp in this post, but these considerations apply to any messaging platform that claims to offer end-to-end encryption, and yet is closed source. Why you should care about privacy at all is a post for another time. However, if you do care about it and you think in terms of potentiality, WhatsApp is not the way to go.

My personal recommendation is Signal, which I use to communicate with most of my friends and family. It is provided by a non-profit organization lead by Moxie Marlinspike who originally co-developed the Signal Protocol. Signal has state-of-the-art security features and, importantly, is open source. Even if you are not a cryptographer (neither am I!), it makes it easier for those with the expertise to inspect the code and suggest improvements (as is constantly happening on their GitHub page). Signal has now become the natural first choice for journalists, activists and even politicians. We all should have the right to privacy and, fortunately, the technology for that is here.