Ze zijn er inderdaad niet bij gebaat om het volledig te implementeren en daar is best veel over geschreven vanuit verschillende invalshoeken.
WhatsApp is owned by Facebook, while Signal is owned by Open Whisper Systems. They have very different business models.
It's well-known that advertising is at the heart of Facebook's business model, which is fueled by the vast quantities of data that users hand over to the company through its various services. Open Whisper Systems, on the other hand, is a non-profit, grant-funded group of free software developers whose mission is to “advance the state of the art for secure communication, while simultaneously making it easy for everyone to use”.
It’s important to note that while the Signal protocol encrypts the content of our communications, it does not encrypt metadata – information about information - such as who we contact, when and from where. Given Facebook’s willingness to implement end-to-end encryption in WhatsApp, which prevents even the company itself from accessing some of its users’ data, one can't help but wonder if the value has been in the metadata all along.
Unlike content data, which is harder and more expensive to process and retain, metadata is ideally suited to automated analysis by a computer. It can be stored in large quantities and reveals information (such as who you contacted, when and where) that is very difficult – if not impossible – to deny. Using metadata, analysts can map out an individual’s political affiliation, interests, economic background, location and habits, as well as the network of people with whom that individual communicates. This information can be used to create group and individual profiles that are in great demand by an advertising industry desperate to know its audience.
Advertising might seem harmless, but it's important to remember that we are rarely in control of the profiles being created about us. As a result, these profiles may or may not be accurate. And regardless of the accuracy of our profiles, research has shown that profiling can lead to various forms of discrimination. While it's not clear whether and to what extent WhatsApp users' metadata feeds into Facebook's advertising business model, it remains an important question. As Open Whisper Systems is not in the data business, we believe Signal is more likely to protect our metadata.
That said, it’s worth noting that Signal’s reliance on the Google Cloud Messaging platform means that Google — which is, of course, in the data business — does have access to some of the metadata produced by Signal. They know the current IP address of any device that receives a Signal message, for example, but Signal’s architecture hides as much of this metadata as possible. The Signal protocol can be used independently from Google Play Services via LibreSignal, a fork of Signal, which can be installed from F-Droid, a free and open source Android app repository.
We worden in de waan gebracht dat het ineens 'veilig' is ok te gebruiken en dat 'niemand' er bij kan, terwijl er terdege nog heel veel informatie bij elkaar wordt gesprokkeld.
En signal op zichzelf blijkt ook niet helemaal veilig,
Een ketting is zo sterk als de zwakste schakel.