If you could only choose between SMS and Whatsapp, what would you choose and why?

Whatsapp message content is at least e2e encrypted, whereas SMS exposes all data.

Please don’t tell me to just use Signal. I try to use it as much as possible.

Well, you kind of answered the question yourself: Whatsapp.
Maybe on a second device or a separate profile.

1 Like

My spicy hot take is that I would use SMS.

Some facts:

  1. Neither WhatsApp nor SMS protect metadata.
  2. WhatsApp’s flagging system breaks E2EE. This is especially relevant in group chats, because you have to trust every single member, which of course becomes more difficult the more there are.
  3. Because of this, WhatsApp employs about 1000 moderators whose job is to review messages. Do companies like Signal who make products which are actually secure do this? No.

Additionally, my theory is: Metadata is the only relevant information which trackers and other people who want your data actually care about.

Given all of this, I would prefer my metadata to be collected by carriers with no vested interest in monetizing said data, and who have no need to keep that metadata for long periods of time (typically carriers retain such data for ~1 year); instead of by Facebook which has a vested interest in both retaining that metadata forever, and building dark profiles of every person on their platform connecting all those relationships together.

Don’t use Facebook products.

(Of course in reality I’d use neither one lol)


Obligatory addendum that if you don’t care about Facebook tracking you, then it hardly matters either way, but you should care about Facebook tracking you, I care about Facebook tracking me, and the primary demographic of Privacy Guides is people avoiding big tech companies, so… yeah. Don’t use Facebook products.

15 Likes

Sadly companies seem to be adopting whatsapp as there D2C communication.

Need to bully Family and friends to switch to signal lol.

2 Likes

What makes you confident they aren’t monetizing the data (or at least collecting to eventually sell)? Don’t they already sell our location data?

1 Like

Well, I don’t have to be super confident, just more confident that Facebook definitely is doing that in this comparison. Carriers are bound by their privacy policies and many of them define this type of collection within, so you’d have to check with your specific carrier to determine whether that is the case or not.

3 Likes

Carriers love to monetize everything they can.
Just look at Verizon injecting HTTP headers so websites can track users better along with all the “experience improvement programs” others run and repeatedly opt you back in when you opt-out (T-Mobile).

Here is a good/old table

I strongly recommend skimming the full document: https://s3.documentcloud.org/documents/21088576/march-2019-fbi-cast-cellular-analysis-geo-location-field-resource-guide.pdf

10 Likes

I dont like this term but this is totally true.

I still use SMS as fallback rather than install Messenger/Viber/Whatsapp/etc. This is because this is what normal people use and you just have to be deliberate in constructing your message and not talk about sensitive topics.

Also I feel like Facebook is more competent with its privacy invasion vs the government that cant even put its shtuff together. :wink:

We have some govt surveillance capability but not very competent. This likely would have changed in the general availability of Pegasus and similar surveillance tech, but that would be limited to targetted people only and not vast swathes of the population.

Besides, Facebook can be subpoena-ed. Might as well involve less parties.

SMS defacto
But there is also the email-based messenger DeltaChat :wink:

If you’re talking about the Greek government, yes, by all means, not very capable and totally dependent on NSO to spy on political opponents, journalists or the prime minister’s wife.

If you’re talking about the US government, on the other hand…

2 Likes

I agree with Jonah, giving Facebook your metadata strikes me as no better than giving your (and your contact’s) telecom provider(s) your metadata+message. The tie is broken for me in that not using Whatsapp is a vector for divesting from Meta, a company I would love to see destroyed or at least broken up.

However, I do still use Whatsapp only to send passwords to people using E2EE or communicate with travelers who don’t have SMS.

2 Likes

It’s not like SMS protects metadata, so the only question is whether you think giving your metadata to Meta (heh) is worse than giving it to your carrier and potentially the government?

Whatsapp has many more features than SMS, this alone makes it better for me.

SMS Whatsapp
Who gets metadata? Carrier, potentially government Meta, potentially government on request
Who can read message content? Carrier, potentially government, maybe Google (edit: on Android using Google Messages) Nobody unless someone in the chat reports something to Meta
Features Just texts. (Sending low-quality pictures possible via MMS.) Texts, sending pictures/videos, sending files, voice and video calls, share location, …
Price International SMS cost money. In most countries, MMS are very expensive (e.g. £0.35 per message in the UK). Free
6 Likes

Please understand most people using proprietary apps are also likely to have Google Services running which uses Accessbility Services to read all screen content. People also may give permission to apps to read notifications content, many home launchers ask for such permission for example. And lastly people often type using proprietary keyboard apps. All of these are points where E2EE message can be divulged to third parties.

8 Likes

You’re right but isn’t it the same problem for any app, even Signal, Session, SimpleX, Element, Threema, …

2 Likes

@Regime6045
yes, that was my point, it applies to all apps, but your table implied Google may see SMS but not WhatsApp.

1 Like

That’s an excellent point. Meta (and Google) are not known for selling data, that I know of - maybe I’m wrong and they do, but their business is selling ads, and “their” (as in “your”) data is probably more valuable as a trade secret than as a product.

On the other hand, you can count on the US government having live access to it. So if you’re outside the 5-eyes (or better still 14-eyes) using WhatsApp means your government probably isn’t getting your metadata, while when using SMS it’s almost a given. Plus your data will be sold.

1 Like

Portugal isnt part of any “eyes” alliance that Im aware of and unencrypted whatsapp backups provided by apple and google are used as decisive proof in defamation cases and other similar infractions and most high profile corruption and tax evasion scandals of the last few years were built thanks to said backups as well as metadata provided directly by facebook/meta.

Based on that Id say that the level of access provided by big foreign tech companies and the carriers is similar. With whatsapp you at least protect the stuff thats actually E2EE

1 Like

A post was split to a new topic: Configuring privacy settings in mainstream applications (e.g. WhatsApp)

so you team signal then?

I would go with SMS because f*ck Meta.

2 Likes