By John Gruber
WorkOS: APIs to ship SSO, SCIM, FGA, and User Management in minutes. Check out their launch week.
Speaking of The Guardian, it’s now the last week of April and they still haven’t issued a retraction of their grievously irresponsible story alleging a “backdoor” in WhatsApp from January. Zeynep Tufekci, in an open letter signed by dozens of security/cryptography experts:
Unfortunately, your story was the equivalent of putting “VACCINES KILL PEOPLE” in a blaring headline over a poorly contextualized piece. While it is true that in a few cases, vaccines kill people through rare and unfortunate side effects, they also save millions of lives.
You would have no problem understanding why “Vaccines Kill People” would be a problem headline for a story, especially given the context of anti-vaccination movements. But your series of stories on WhatsApp does the same disservice and perpetrates a similar public health threat against secure communications.
The behavior described in your article is not a backdoor in WhatsApp. This is the overwhelming consensus of the cryptography and security community. It is also the collective opinion of the cryptography professionals whose names appear below. The behavior you highlight is a measured tradeoff that poses a remote threat in return for real benefits that help keep users secure, as we will discuss in a moment. […]
Since the publication of this story, we’ve observed and heard from worried activists, journalists and ordinary people who use WhatsApp, who tell us that people are switching to SMS and Facebook Messenger, among other options–many services that are strictly less secure than WhatsApp.
The Guardian has stretched this out for three months, so it looks like they think they can run out the clock on it. Shameful — this should be an everlasting hit to their credibility.
★ Monday, 24 April 2017