> EFF has criticized WhatsApp for being closed source, but not for this particular aspect of the key exchange functionality.
The articles I've seen appeared carefully worded so as to achieve some balance, but did express some criticism and concern.
"Nevertheless, this is certainly a vulnerability of WhatsApp, and they should give users the choice to opt into more restrictive Signal-like defaults." from:
> By making the discredited argument that WhatsApp's key-change behavior is a fatal flaw, you're disagreeing with... and about 50 more experts equally respected in the field if less known to the typical HN reader.
No, the vulnerability was confirmed and the argument that it represents a fatal flaw for those needing fully secure communications is sound. No one competent (and intellectually honest) has disputed this, or would even try to do so. The open letter itself acknowledges it, and I know every open letter signer I followed did so as well.
What the open letter did was take issue with the language used by The Guardian, point out the potential for such language to scare some people into less secure solutions, and argue that the vulnerability is a reasonable trade-off for convenience that can benefit some users too.
> Signal does not have this vulnerability, but WhatsApp has it.
That might need a footnote or something. TheGuardian is reporting: Moxie Marlinspike of OWS said Signal planned to make blocking notifications an option for some users and use non-blocking notifications by default.
> Browser vendors really need to change their attitude towards extensions, as they basically allow users to install malware/spyware in their browsers without performing any real certification / auditing.
Browser vendors have already increased restrictions on extensions to the point where it impedes the development and use of some security improving extensions. There may be some things that could be changed to improve transparency and end user control. But it is ultimately the end user's responsibility to determine what is and isn't appropriate for their use. Browser vendors don't have enough information to make that call.
> At the very least there should be a way for users to see a full audit log of the information that an extension sends to remote servers, as this is usually already enough to tell if the extension is sending more data than it should.
Which of the popular browser's don't have the ability to display network traffic? I've used the one in Chrome and the one in Firefox on multiple occasions.
Normally, the problem isn't detecting that an extension is sending data to a server. The problem is that people don't look for that and discover it. Or they discover it and tolerate it based on a hope that the data will never be misused. Cloudy judgement.
If "You can be very sure that the anonymous person you communicated with last week is the same anonymous person you are communicating with and potentially transacting with today." that person DOESN'T have strong anonymity.
If "You can be very sure that any transaction you make cannot be disputed." then you DON'T have strong anonymity.
I could not find a non-paywalled definition of strong anonymity. The closest I got was the abstract for a paper by Kawai et al (2009) that claimed it would define the term, but failed to do so in the abstract.
I've also done a search for strong anonymity and deniability and I don't see anything that indicates there is a link. I wonder if there is a problem with definitions here. Can you give a link to what you think of as strong anonymity?
Interesting. Although you will note that in their definition, one of the parties (the bank) knows the identity of the customers. By tracing the transactions, they can deduce the identity. The original article specified pseudonymous transactions, so either the system is trivially strong privacy or (more reasonably) this definition is not really suited to this discussion.
> These discussions always avoid talking about the merits of data-driven design and always assume malicious intent.
Perhaps because most of the time the implementations do some harm, the doing of that harm is by design, there are ulterior motives, it is forced upon users, and the representations made to users are intentionally vague and misleading.
I think they'd have to monitor and restrict thoughts or at least be able to extract memories. The frightening thing is: if there ever comes a time when such technology is available, they will try to use it.
> your AI should ultimately know your favorite restaurant, your girlfriend’s name, but also your health record and everything else you might not always feel comfortable sharing with the world at large.
No. It should know what the user wants it to know. Which may or may not be those things.
Of course! But if one day you want it to help you with your health habits, it will help if it can guarantee that it is private-by-design, so you know that the information about your health won't leak
The articles I've seen appeared carefully worded so as to achieve some balance, but did express some criticism and concern.
"Nevertheless, this is certainly a vulnerability of WhatsApp, and they should give users the choice to opt into more restrictive Signal-like defaults." from:
https://www.eff.org/deeplinks/2017/01/google-launches-key-tr...
Key change notification concerns paragraph from:
https://www.eff.org/deeplinks/2016/10/where-whatsapp-went-wr...