/e/ app store: Privacy Rating : Whatsapp(5/10) VS (Open Source)Jami (6/10)?

I read about Jami on these forums.

The /e/ app gives whatsapp 5 out of 10 for privacy, yet for Jami which is open source gives 1 more point, 6 out of 10.

**Id like to know about the onepoint difference seperating them,** as ive seen a number of concerns with whatsapp in these forums that it datamines your contact list and sends it to facebook or somesuch.
Whatsapp is not opensource, we have no idea what they are doing behind the scenes, whilst Jami is open source and has repositories on gitlab to view,

I am currently using whatsapp as my friends and family use it like most folks, however its possible i could get them to switch (maybe). i`d like to know about the appstore privacy rating system, shouldnt Jami get a higher privacy rating? or is it nefarious?

Jami is appealing as its on a few platforms, i.e iphone (friends who still use iphone), and has a Linux PC and Mac desktop app

I think would make for a good debate!

2 Likes

I guess e.developers just don’t like how often Jami/Ring/SFLphone changes its names. No other ideas.

1 Like

I think the privacy rating should be refined, for example applications from any one of the GAFAM should have zero by default. Especially whatsapp, I installed it a few days ago and it asked for full access to my SMS and my contacts right at the start

4 Likes

Just checked the privacy rating of Signal Private Messenger which is Snowden’s recommended messenger app according to their website and it also is just rated at 6/10. As WhatsApp used the same encryption tools as Signal, the latter created by one of the original founders of WhatsApp, I imagine the Exodus rating algorithm simply compares what permissions are required and since both apps ask for access to contacts and read/write on your sdcard to store media files, then they are rated similarly. But I agree that this could be disconcerting for newbies who might think there’s hardly any difference in the privacy rating so why not use WhatsApp as all my friends do, etc. Of course, this is totally false reasoning since Facebook took over WhatsApp and is now trying to amalgamate it with their Messenger app and Instagram it created a nightmare for software engineers trying to ensure that encryption works on them all when the other two were never desigend to use it. See this article onForbes. WhastApp encryption is dead!

4 Likes

Theres an open source app in the /e/app store which gets 10 out of 10 for privacy and its an add on for whatsapp to send only text message; without it accessing your contacts, called open in whatsapp yes thats the name of the app. could be good for solution for those that are stuck with whatsapp.

I didnt know about Jami and their strange name changes; 2 previous incarnations prior, so thats intresting. There`s some folks on the forum that think /e/ is a terrible name maybe /e/ OS should keep their current name and not change it for fear of critism of the name change :slight_smile: To me theres nothing wrong with the /e/ name, i like it.

Thxs!!, i hadn`t heard about Signal, that looks like it could be a very good alternative to whatsapp, signal seems to be open source too, plus i like the forewords by snowdon and some Cryptographers!! That article you posted about facebook is very disturbing. its sounds very nefarious!

Asked the current status of this work and when it might be deployed in the production version of WhatsApp, a company spokesperson declined to comment.

That article is really amusing as then it suggests that criminals and terrorists will opt to use signal. doesnt mention us privacy advocates that dont want to be datamined, profiled and harrassed by advertisements.

The only issue i`ve discovered with Signal is that when the /e/OS does an update you lose your conversations, data, pictures etc unless use a method to back those files up as addressed in this /e/forum discussion here

I am unsure if its because it used to be included into the /e/OS and since removed from future OS updates, or it will be ok if you install it yourself from the app store. would be good to hear from those users and if Jami users encountered issues.

I did find another similar app called Jitsi meet however that gets a privacy rating of 3 out of 10, its very disapointing as i have been using Jitsi desktop version for windows for years to make SIP/ viop calls and was a fan. The desktop version is open source and supported by the community however their android app is not!; they got bought by a company called 8x8 not long ago :frowning: a 3 out of 10 mark compared to the other messaging apps! wow this one must be really invasive.Yikes!

After browsing on the /e/ app store for awhile ive concluded that a privacy rating of 6 out of 10 is a very high mark for a text/ voice messaging app!

Well, for that open with whatsapp app, It may be better as for app telemetry, but it does still got that controversial connection with WhatsApp in itself. A score of actually 6/10 would have been more logical for my proper ethics of privacy.
(Thought this was a standalone whatsapp client, my mistake)
I think we should indeed keep that automatized privacy system, but, probably when the other ratings would be enabled, we should be able to directly discuss and be able to modify their app privacy ratings, per cases.

Ah do u mean the Open in whatsapp app should be changed from Privacy rating 10 out of 10 to 6 out of 10, because its still using the 5 out of 10 regular whattsapp app. good point!

I’ve tought you mean it was a Whatsapp client. Well, then, I should remove my comment then. Sorry for the misunderstanding.

Yes the name is confusing, Open in whatsapp is the name of a app for use with the normal whatsapp which enables the user to text without sharing the contacts.

Their descriptions reads as follows:

Open chat in WhatsApp without saving phone number to your phonebook

** This app uses WhatsApp public api ‘click to chat’ feature to open a chat with any number without saving to your phone book.**
** You can create an url link that will open WhatsApp on the specified number. This is a WhatsApp feature, you don’t need this app to open the link, only to create it.**

*available from the /e/ app store

So far the privacy ratings on the /e/ app store stand at :

Whatsapp 5/10
Signal 6/10
Jami 6/10

I think these rating are soley to do with permission and trackers, isnt the ultimate tracker your telephone number? I`m 52% sure since i registered my phone number with whatsapp i get more random sales calls, wouldnt put it past them to have sold my info.

If we also look at the Apps themselves:
Whatsapp asks you for your telephone number to register
Signal asks you for your telephone number to register

Jami does not ask your for a telephone number, neither does it ask for e-mail to register, instead u create a wild user name to begin i.e a forum type username and a strong password, then it ask you to create your formal name which only your contact will see, and your ready to make calls, texts, video chat, shares files just like the other two. (only drawback is there no password recovery, if you forget your password then your done for)

As you dont need to register a phone number: For this reason alone Jami deserves extra points!!!

Jami now gets (in my opinion) 8/10 perhaps even9/10 :sunglasses:

1 Like

A very interresting review of all secure chat apps could be found here
https://securechatguide.org/

2 Likes

I like sites trying to audit and compare (open source) software but that securechatguide seems to be a bit confusing regarding criteria and testing (not well documented). I mean how can someone use ephemeral messages as a criteria!? Those are messages that will be deleted after the recipient has seen it. But: There is no protection that someone does not make a screnshoot of such messages (so that criteria makes obviously no sense). Also, how can someone suggest to use a closed source application? One more example: Jami is NOT using google firebase (https://git.jami.net/savoirfairelinux/ring-client-android/issues/516) as it’s disabled, but that site gives a different impression.

There are well over 100 chat-apps on that list and less than a dozen recommended. How can be a closed source app (without audit) like twinme recommended? Or Wire, that requires Google Play Services? Or riot.im without mentioning any of these issues: https://gist.github.com/maxidorius/5736fd09c9194b7a6dc03b6b8d7220d0 Also, personally I would not consider apps that work only on android and ios as good enough. A good chat app should be cross platform.

I like that long list though and the work put into the research. It should be improved though.

I was having a look again at the app ratings and discovered something interesting: Tinder has 9 out of 10 for privacy!
Now here is an article: https://www.theguardian.com/technology/2017/sep/26/tinder-personal-data-dating-app-messages-hacked-sold

That’s a good article, Tinder makes basically profiling, collects every piece of data available regarding a user. It does not deserve a good rating.

1 Like

Forget the rating in apps store.
I prefer this way for my

  1. Installing the app
  2. Before starting
    → remove all access to storage, phone and so on
    → checking trackers via ClassyShark
  3. If the app has trackers
    → removing app
    If the app doesn’t have trackers
    → starting the app. If the app needs a account or registering for running → removing the app
2 Likes

I also follow this procedure :ok_hand:

1 Like

Sometimes using a service without an app is not possible. Like Uber lite has one Uber tracker and a privacy rating of 5. What is the best way to use such an app?
If I need something like that, I tend to switch to a completely new profile and install it. Only use that profile if I need that app.

Better using the webinterface. For uber there is one.

By the way, forget the privacy rating

uber pwa

So the PWA is better than a native app on a new profile. I like the idea of PWAs, these would be helpful for smaller OSes too like UbPorts or Sailfish. Sometimes there are no PWAs though. For example for a city scooter company or car sharing. In that case a new profile might be still the best solution.