It’s no secret that we don’t like proprietary software. One of the foundational principles of Noiz is to use open source software and hardware, that respects and protects a users privacy and Freedom. Signal messenger certainly aligns with those values, whilst WhatsApp simply does not.

What’s wrong with WhatsApp?

In short; nothing, provided you are not too worried about privacy, surveillance, censorship or human behavioral modification.

WhatsApp is one of the most popular and widely used instant messaging platforms. It is owned and developed by Meta (formerly Facebook), and uses the Signal protocol for it’s own (alleged) end-to-end encryption.

With that being said, we have some major issues with WhatsApp, which has lead to our decision to use Signal exclusively, for the protection of our own communications, as well the communications of our clients.

WhatsApp is not truly end-to-end encrypted.

In a brief, anonymous interview which took place between our founder and a high ranking active member of law enforcement, it was confirmed that Meta provides specific port access, enabling law enforcement worldwide to access and read user messages, listen to calls, and access various data collected by WhatsApp from the device over time.

This level of access to private communication is a violation of an individuals right to privacy, as enshrined in most of the worlds constitutions, regardless of the reason given for the access, or to whom such access is granted.

If law enforcement can access supposedly encrypted communications, then so can corrupted state officials and other malicious actors. This ‘backdoor’ access exposes an individual to a much broader cyber attack surface, which is why end-to-and encryption has become a highly valuable protocol for the protection of user data.

WhatsApp gathers way more information from your device than it needs.

If you have ever read WhatsApp’s privacy policy, you would have immediately recognized the sheer amount of your data that is being collected and sent back to Meta for processing.

WhatsApp has access to all of the media on your device, including photos, videos and audio. It has access to your location, your movement history, your contacts, near field contacts, photos of your face, access to your camera and microphone, and so much more.

One might think that this information is collected in order to make the app ‘better’ for it’s users, or for marketing. However the implications of this mass data collection run so much deeper.

Often times we hear the phrase “I have nothing to hide”, a semi-reasonable way to dismiss the need for privacy which does not address a genuine problem. Those who are familiar with Edward Snowden might recall his response to this idea, specifically;

“Saying you don’t care about privacy because you have nothing to hide, is like saying you don’t care about free speech because you have nothing to say”.

We are not as concerned about what our users are doing, as we are with the intentions, abilities and actions of those collecting the data.

One of our major concerns is paid state propaganda, delivered directly to a user, curated based on behavioral and psychological models.

Information collected by WhatsApp, Facebook and Instagram is attached to your profile, which moves with you throughout your life, gathering behavioral information and emotional data. This data is then used to curate political and ideological messaging in a way which is most likely to be received and acted upon. In a momentary lapse of critical judgement, or in a heightened emotional state, an individual might accept a curated message into their world view, without context or validation. This process can be magnified through ‘cognitive bias’, or the proverbial ‘echo chamber’ effects.

The solution to this vulnerability in human psychology (which is often exploited by religious cults, marketers, and propagandists), is to not allow the collection of unnecessary data in the first place. In our view, software developers should develop with an individuals freedom being the highest priority during the design.

Simply put, we prefer to use software which truly does encrypt communications, and collects only that data which is necessary for the functioning of the application.

Signal messenger meets this criteria.

Why Signal better for privacy.

Signal messenger is end-to-and encrypted by default, it collects the bare minimum amount of data, and the source code is open source, which means that any ‘back door’ access is highly unlikely.

Who should care about privacy.

Most individuals think in terms of convenience, rather than in terms of principals. Because of this, the need for privacy is not a major concern for most people, although it should be. Everyone should care about privacy in communications, especially in the protection of;

  • Journalism,
  • activism,
  • intellectual property,
  • human rights,
  • etc.

Signal messenger recently introduced the ability to use a username, rather than having only a mobile number as a unique identifier. This allows a Signal user to remain pseudonymous, using a username to build trust during communications over time, but without giving away the individuals true identity.

Pseudonymous essentially means to use an alias in order to hide a users identity. This is different from privacy, which means that individuals know who they are talking to, but the conversation is only accessible to those with access. It is also different from anonymity where nothing at all is known about the individual.

Signal is open source

Signal’s source code is available for anyone to analyze or use. The client applications are licensed under GPLv3, and the server source code is licensed under AGPLv3. This makes the code itself completely auditable by programmers and security experts.

Being open source also means that security vulnerabilities are far less likely.

Signal versus WhatsApp compared

Speak freely with Signal

As an aside, Noiz recently started selling our deGoogled privacy mobile devices again. Our first refurbished model can be bought from our online store.

All of our deGoogled privacy devices come with Signal messenger installed.

We may also run our own Signal messenger servers in future for greater reliability and security for our local users.

In conclusion, Noiz cybersecurity has a made a promise; to use freedom respecting technologies, which are open source, and which protect a users privacy. We therefore have no choice but to ditch WhatsApp, and instead use Signal messenger.

If you are not sure how to get started with Signal messenger, please visit the foundations website at https://signal.org and speak freely, today.

Editors note

Noiz cybersecurity does not benefit in any way, including financially from the Signal Foundation, or it’s application. I am simply very passionate about the project. Noiz donates a small monthly fee to the foundation for the maintenance of the project, and to secure the future of encrypted communications. I encourage the reader to consider doing the same.