Yesterday (13.3.2019) many folks around were complaining about attachment delivery issues on different platforms. Those platforms had something in common which not everybody realized - Facebook as their parent company. What might these problems imply??
Such platforms were acquired for money never seen in tech industry before! And for what? Your privacy! Nowadays it has big value for anybody around you and you may not even know when its going to be crucial in your life your privacy remained protected.
Just to put into numbers.. In 2012 Instagram was acquired at 1 billion US$. At a time Instagram hold accounts of 30 millions of users - so here Facebook paid 33$ per user account. However 2 years later something much bigger happened. Platform of 450 millions active users was acquired by Facebook at the price of 19.3 billions US$!!! This is 43$ per user. Just wow! Nowadays Zuckerberg claims WhatsApp platform has 1.5 billion users and sees 60 billion messages sent per day.
Back to the point. Such a technical complication heavily implies Facebook created something common for these platforms. Some central point (mostly per region) which is between yourself and other end of your message. Many would think something spying related. But we will never know for sure. However we can speculate - because this unit yesterday encountered some technical problems - thus attachments on all these platforms were not able to be delivered until they were "cached". Basically here Facebook himself is the man in the middle of your privacy today. If your fine by this - your call, but let me please spare some time for next paragraph.
There were cases where insurance companies revoked e.g. life insurance for no apparent reason. Your privacy can be bought! For example cases from Britain or US prove your medical record is accessible at a certain price.. A medium they are accessible through is so called "black market" or "deep web".. Here anonymously figures individuals who are most likely direct employees of the entity where are your private data. Nurses, doctors, accountants, tech engineers, lawyers etc. who provide sensitive data in exchange for the money. With virtual currency is now almost impossible to track back to the "leak" source.. Price varies per country. A page from your medical record goes in Britain from 150£ to 250£. For the insurance company this is significantly cheaper then risking paying off 2 mortgages to your family in case you die of cancer for example. You might be lucky that nobody with the access to your medical records figures at such platform.
However what about your "virtual" privacy? Is it safe?? Your private conversations, shared images, and apps itself with read access to your phone storage/contacts/call log/GPS/etc.. We are at the era you can trust no one online! Having such an app like Whatsapp for example in your phone gives Facebook access to your location at any time your phone is turned on. Through different platforms they can get all different kind of information from you and offer this as a package deal to anybody who is willing to pay. Suddenly visiting oncology clinic for a couple of days? Sharing emotions about your dad health issues to friends through Instagram? I might be paranoid that somebody is scanning through all this.. maybe, but what about BOTs? Their existence have grown dramatically in past years and with AI getting smarter every year it could be not that difficult to understand whats going on with your life every day. Companies witch such power and infrastructure have definitely huge potential.
What you can do about it? Get rid of those platform entirely - which can be difficult from one day to another, but at least you can remove "native" apps from your phones.. There are plenty alternatives which offer you an access to such medium while not being tracked directly by the app owner.
Me personally am still member of the Facebook network. However I am taking some extra steps to access it. Definitely not having original apps installed in my phone. Since they started blocking messaging via your phone browser I am using a third party app which combines your feed with messages. On the desktop my Facebook tab is in isolated environment (browser extension: Facebook Container) and I never ever upload sensitive pictures/documents through it. Everything you decide to share through it is their property! You wouldn't like to see your newborn cute baby in the magazine of some anti-vaccination movement.
What about messaging? Neither your private email from your private account is today safe. On the way to its destinations at different level in infrastructure we have different interceptor. Edward Snowden even confirmed it is enough to send from your Gmail account email to hospital private one and all gets to the hands of NSA.. Thus it is essential to put your own encryption layer over everything you want to keep private. Or at least choose a trustworthy medium..
There are alternatives! - and they are even better!
Again, it might and it will be difficult to go through such a change, but the least you can do is to register your phone number there - so when somebody else from your contact list will join such a network, will see more and more friends there.
Two completely standalone and not yet acquired by any gigant are Signal and Telegram. You can check out reviews and comparisons of these services, just Google it and you’ll get a lot of interesting results. I decided to write this post as a collation of most reviews I’ve read myself, and some information I got from the websites of both Signal and Telegram.
Signal
Signal is a completely open source, free, secure, and private instant messaging platform, just like WhatsApp (apart from the fact that it’s open, secure, and private). Signal has apps for Android, iOS, and your desktop as well (an in-browser app). Like any other modern instant messaging service, Signal supports text, images, videos, voice and video calls, and documents. And just like any other messaging platform today, it supports group messaging.
The most important thing to note here is, there’s end-to-end encryption for both text and voice messages. Signal, or anybody else, can’t see what’s in your messages. And Signal promises to keep it that way.
There’s a feature where you can configure certain messages or threads to destroy themselves after a set interval of time. So if you think that a message should be in your recipient’s inbox for only five minutes, you can make that happen, and the message will be automatically deleted after five minutes. There’s nothing the recipient can do about it, or stop it from happening.
One more awesome feature, at least to me, is something called as Screen Security. You can go to your privacy settings and enable Screen Security, which will essentially block other apps on your phone, or yourself, from taking screenshots of your chats on Signal. This way, you can be sure that even if there’s an app which is keeping tabs on your activities on your phone, it can’t capture what’s happening inside your Signal app.
Each time you call somebody on Signal, some really cool magic happens behind the scene. The two phones talk to each other and come up with a secret code that nobody else could know, even if they’re monitoring the internet traffic and intercepting all the messages being exchanged. The apps then convert this secret code into two words. These two words will be shown on the displays of both the phones. You can tell each other these two words and make sure they’re the same. If not, then something is wrong with the encryption. You drop the call, switch to a different internet network, and try again.
The common practice here is, when you answer the call, you say the first word out to the caller. Then the caller verifies that it’s the same word on their phone, if not, drop the call. If it’s the same word, the caller will speak out the second word. Now you verify if it’s the same on your phone. If it is, nothing to worry, carry on with the conversation. If not, as already said, drop the call, switch networks, and try again.
Signal also promises that there won’t be any ads, at least for now. WhatsApp had similar promises in the beginning, but that changed after Facebook acquired it. For the foreseeable future, that might not happen with Signal, because it is an open source project. It’s very difficult to monetize an open source project with ads.
So, in a nutshell, Signal is an awesome option for an instance messaging service if you’re concerned about your security and privacy, which you should be. Now, let’s take a look at Telegram.
Telegram
Telegram is similar to Signal in a lot of ways. It’s APIs and protocol are open sourced, but the core part of Telegram, the server-side services, aren’t. This could potentially be a privacy concern. We’ll talk about this later.
Telegram has apps for almost all your devices, Android, iOS, web, Windows Phone, Mac, PC, and even Linux. So no matter what device or desktop environment you use, you’re covered. Similar to Signal, messages on Telegram are encrypted end-to-end. And the service also claims that:
Telegram delivers messages faster than any other application.
https://telegram.org/
The service’s servers are spread across the globe, which means that the messages could, in theory, be delivered to the recipients faster, as the actual physical distance from the mobile device to the server could be less compared to other services.
One feature which sets Telegram apart from other instant messaging services is that Telegram has no limit for the size of file you can share on the service (edit: according to one comment to this post, there is actually a limit for the file size, and it’s 1.5GB, which is a lot if you ask me). So, for instance, you could share a file which is several GBs in size with your peers on the service. WhatsApp and Signal (as far as I know) don’t have this feature, they both set a limit on the file size.
Telegram will be attractive for another genre of users as well, those who want to have loads of people in a single group. This is because Telegram allows for up to 100000 people in a single group, and that’s a huge number.
Similar to Signal, telegram also features messages that self-destruct after a set amount of time. This means you can easily send messages to people that wouldn’t be available after a certain amount of time.
Now, earlier, I mentioned that Telegram also features end-to-end encryption. While this is true, it should be mentioned that this isn’t available by default and for all messages. There’s something called a Secret Chat, and unless you start your conversation in this mode, your messages aren’t actually completely encrypted. So you should keep this in mind.
One more thing to keep in mind is, as I already mentioned, the back-end services of Telegram aren’t open sourced. So we can’t really tell what’s happening to our messages once they reach Telegram’s servers. Its also true that we can’t assume the messages are stored in plain text on their servers, but there is a possibility that Telegram, if need be, can actually go through our messages.
I’m not saying that you shouldn’t trust Telegram. For now, there’s no issue with Telegram and there’s no reason to believe that they’re lying to us. They are a non-profit after all, and I don’t see why they have to lie to us, for now. So let me reiterate, I don’t mean that you shouldn’t trust Telegram, you sure can do. But facts are facts, and their back-end is closed.
Conclusion
To be frank, there’s nothing you can trust on the internet. To be a 100% sure that nobody’s going through your data and that it’s 100% secure, you’ll have to go through each line of source code in all the clients and services of these instant messaging services, download the source code, compile and build it yourself, and use those executable files on your devices. Almost nobody does that (a few people do). So, the only thing we can actually do is go through the terms and conditions, FAQs, and other literature we have of these services, and make an informed decision as to which service we should be using. Or at least have yourself registered there so others will see it might be worth to switch now.
Anybody with knowledge deep enough into internet security would urge you all guys to have a look at the alternatives to WhatsApp and especially Facebook Messenger.