At present, it features a messenger, a chatbot builder, a payment system, and mini-apps
On top of other things, this Max app seems to be Maximizing attack surface
Well now! 
The Dragon Bear Allaince 
which country is next?
India?
e-ruppee / cbdc being pushed there.
India is already partly along this path with the E-rupee.
Facebook Messenger and WhatsApp at least have E2EE so they can’t read your messages, this Max has microphone access and tons of privacy invasive mini apps inside
2 Likes
Allegedly. But nobody can verify this.
Its a closed source app built by a data harvesting company that has a history of secretly backdooring their products for the government and subsequently lying about it even after they’ve been caught red-handead., in a country known for coercing companies to break encryption for “national security purposes”. WhatsApp encryption is about the least trustworthy “Trust Me Bro ™” there is in tech.
The Google / Apple ecosystem on most mobile devices already mirror (and sometimes exceed) this level of privacy invasion.
2 Likes
Can it be proved? WA code is closed.
Whataboutism. Signal isn’t American corporate spyware. Russia doesn’t have similar open source, always E2EE products.
PRISM partnership wasn’t a backdoor in an E2EE client. It was a “We have all this data in plaintext on our server, let’s hand it over to the FBI via streamlined channel.”
That being said, yeah you absolutely shouldn’t trust WhatsApp as a closed source application. We already have good applications like Signal that are open source and that use the same exact protocol so no reason to use WA.
My real concern is Max is a scapegoat to draw attention from Telegram, that’s the much more likely spying platform on Russians, well, it’s closer to 1B users already. It’s touted as anti-Putin but conveniently lacks meaningful end-to-end encryption (but has it opt in for 1:1 on mobile so that trolls can do damage control and scream BUT IT HAS SECRET CHATS). Durov was sold as “in exile” but secretly visited Russia over 50 times over the past decade.
At one point Signal had on PlayStore the same address as WhatsApp, indicating they’ve shared office space. With that tightly integrated co-operation on the Signal Protocol, hiding a backdoor becomes shit hard.
Meta already has your WA metadata and that’s enough. They know enough about enough people from their FB/Instagram profiles, and for messaging apps its enough they know you’re now friends with someone who likes to ski so if you talk to them a lot before the holidays, guess who’s also getting ski trip ads?
Also, there’s no law in the US that requires backdooring software. Bernstein v. United States - Wikipedia is a famous legal case that defined code as free speech. Thus, compelling a backdoor into code is compelled speech, which breaks first amendment rights, i.e., the constitution.
Communications Assistance for Law Enforcement Act - Wikipedia forces telephone companies to comply with wiretapping orders. That’s not the same.
That being said, who knows if FISA court has some secret law with secret interpretation and Facebook can be compelled, or if Zuckerberg is a little snitch licking big brother’s boot all day. You shouldn’t have to trust him. and you don’t have to. Again. Use Signal.
2 Likes
Im not talking about Signal, its fine. The meme mocks Facebook in particular. One could also add in place social media chats such as Instagram and TikTok messages. If Max is FSB malware (it certainly is), then SMS and social media slop that average people usually use to communicate should also be regarded as FBI malware.
The root problem here is that the vast majority of people use some form of insecure messenger for daily communication, regardless of country, and this gives democracies the same mass surveillance / censorship capabilities as “dictatorships”. Anyone criticizing “dictatorships” should realize that “democracies” usually do the same surveillance, but just hide or justify it better.
At least, for now, E2EE messengers aren’t blocked in democratic countries, so the minority of tech-savvy people who want to be secure can, but unfortunately “democratic” countries are trying to ban E2EE so this may change in the future.
1 Like
Aside from the privacy and security concerns (so typical of ANYTHING made in China these days), WeChat is the most versatile, best super mobile app EVER made. The Japanese have a clone too, called PayPay (mobile payment app) and LINE (which is full of garbage), none has surpassed WeChat.