Collects whats?
Hold on, all this data and metadata it's collecting... Is it related to the app itself (it's own call making and messaging abilities etc.) or ALL types of calls (and other activities) made from the mobile?
Users of WhatsApp need be aware that the popular messaging service collects phone numbers, call duration and other information, according to new research. A network forensic examination by computer scientists at the University of New Haven found that WhatsApp uses the FunXMPP protocol, a binary-efficient encoded Extensible …
Elsevier has a journal called "Digital Investigation"? An upmarket Phrack?
Still, good work at analyzing the innards of the protocol, but it's about as "info-sucking" as SS7. Or not. It depends what is going over the protocol once it has been set up.
But clearly the goal is to help the gumshoes:
From its wide adoption, it is obvious how WhastApp communication exchanges may be used during an nvestigation, making the artifacts it produces of compelling forensic relevance. Therefore, we see a strong necessity for both researchers and practitioners to gain a comprehensive understanding of the networking protocol used in WhatsApp, as well as the type of forensically relevant data it contains. Most importantly, due to the newly introduced calling feature, it becomes essential to understand the signaling messages used in the establishment of calls between the WhatsApp clients and servers. The methods and tools used in this research could be relevant to investigations where proving that a call was made at a certain date and time is necessary.
The article says:
This data included WhatsApp phone numbers, WhatsApp phone call establishment metadata and date-time stamps, as well as WhatsApp phone call duration metadata and associated date-time stamps. They also were able to acquire WhatsApp's phone call voice codec (Opus) and WhatsApp's relay server IP addresses used during the calls.
So, this "collecting" phone numbers, call duration and other stuff is clearly what WhatsApp needs to make the call.
Don't know exactly what the article is about. Somebody has looked into WhatsApp traffic and fails to find someone with their hand in the cookie jar?
the story isn't that WhatsApp is doing a nefarious data slurp, but that it's possible to decrypt its network traffic and extract forensically relevant metadata from it.
(http://www.fit.vutbr.cz/research/pubs/index.php?file=%2Fpub%2F10979%2FWhatsApp.pdf&id=10979)
This post has been deleted by its author
This post has been deleted by its author
This post has been deleted by its author
This post has been deleted by its author
WhatsApp does not encrypt images, so it's easy to find them on your phone, if you need to. The text messages are saved as encrypted .db files using the .crypt8 extension. If you would like to read your backup of files you may follow these instructions:
http://www.digitalinternals.com/security/decrypt-whatsapp-crypt8-database-messages/419/
This post has been deleted by its author
Which is why I declined at that point. Creepy, but quite upfront about it.
It is a Facebook company after all, so creepiness is part of the business model.
One day they will threaten to release all your data if you don't pay regular 'subscription' fees - you have been warned...
No. They won't. The freely given data is far too valuable to threaten slowing down the data warehousing. After all, they are in competition with Google, the arch data-theft criminal, to utilise and monetise behavioural AI.