I live in Canada. My girlfriend is Chinese (also living in Canada), and while we are able to communicate via SMS, her mobile carrier isn’t the best, and so there have often been issues for us with regular texting. She expressed a strong preference to use WeChat, at least as a backup option for when texting fails us. While I have some pretty significant reservations, it’s not the hill I want to die on. So my question is: what can be done to use WeChat without compromising my whole phone? I’m okay with it if our conversations aren’t private, but I’d like to know that I’m not giving unfettered access to all of my phone’s systems and data to the CCP. What can be done to limit the reach of this ubiquitous app on my device?

    • viking@infosec.pub
      link
      fedilink
      arrow-up
      15
      arrow-down
      1
      ·
      8 months ago

      Whatsapp uses end to end encryption and is far from as intrusive as wechat.

      • jetA
        link
        fedilink
        English
        arrow-up
        4
        ·
        8 months ago

        So they say, but its closed source, so its hard to verify.

        • viking@infosec.pub
          link
          fedilink
          arrow-up
          10
          ·
          8 months ago

          Nah it’s rather easy to do and has been done by security experts. If your phone is a rooted android, you can do it yourself using PCAPdroid, it’s basically a network logger that allows to install a trusted certificate as a local proxy and go man in the middle on yourself. That way you can decrypt the https traffic between your phone and the whatsapp server.

      • umbrella@lemmy.ml
        link
        fedilink
        arrow-up
        6
        arrow-down
        4
        ·
        8 months ago

        whatsapp is certainly backdoored, its closed source and unverifiable.