Flawed reporting about WhatsApp

Calvin02 | 354 points

For those who don't know, newspapers often have a Reader's editor whose job it is is to criticise and be the voice of the readers inside the newspaper. In this case, this is written by that person for the Guardian after what would appear to be a thorough investigation of the matter.

There's a lot of people here saying this should have happened faster, they're likely right, but also, given how extensive and thorough this is, it is more likely an example of how old-school editorial rigour just takes a lot of time.

te_chris | 7 years ago

I think this is a really thorough mea culpa which is quite impressive, given the frequent failure of other newspapers to publish a prominent apology when they have got things far more wrong than this.

gtf21 | 7 years ago

It astonishes me that the Readers' Editor, someone with long experience in journalism, thinks retracting this story would mean taking it offline as if it never happened.

Frankly, I think this is a weak response. There is nothing in this investigation they could not have cleared up in January; instead, they dawdled and now they equivocate.

idlewords | 7 years ago

Pretty much every single person I know outside of the Bay Area and not working in tech believes that the government and the corresponding corporations running the service are reading all of their messages on:

* Whatsapp * FB Messenger * iMessage * Hangouts

They also all believe that the police can look at their Facebook posts because they have special access.

This is precisely why there was minimal reaction to the Snowden revelations - what revelations?

acchow | 7 years ago

The linked Guardian's article doesn't really explain why they were wrong. This article by Moxie, designer of the Signal Protocol, is great: https://whispersystems.org/blog/there-is-no-whatsapp-backdoo....

ngrilly | 7 years ago

Maybe one day they'll issue a correction for their PRISM reporting too. The solution is exactly the same as the solution in this case: the editors should demand that the journalists verify their claims with experts.

lern_too_spel | 7 years ago

Speaking of security, the new possibility of a Google Drive backup for WhatsApp messages and files has been quite overlooked imo.

This backup is not e2ee, which means that if the other part is backing up data in Google Drive, then at least part of you WhatsApp history is not e2ee. Yes, it might be encrypted whithin Google Drive by whatever secure methods Google chooses, but not by you.

chicob | 7 years ago

Good on them for admitting to all these flaws. I'm especially interested in the fact that government officials seem to be citing articles to push people to certain communication channels.

EternalData | 7 years ago

From the open letter:

"People believe that you perform due diligence on matters critical to their lives and safety."

And at the bottom of the open letter many security experts have signed in support. That is, "signed" in the colloquial sense.

Small digression-- let's say a person tasked with reviewing a story in the Guardian is not an expert in security. They would really love some way to start with one or two security experts they know and trust and "fan out" to other experts based on their relationships.

Is there a quick and easy way for the journalist to do that by looking at the names of cryptographers listed at the bottom of a webpage?

Also: can someone explain what "due diligence" means? Is it the expectation here that a journalist not only report what would look reasonable to a non-journalist reader, but also use their considerable skill to ensure that they present their readers with verifiable facts, to the best of their ability? Even if it takes a considerable amount of time and effort on their part? Even if verifying the evidence relies on clunky, cumbersome tools that no one wants to spend time using?

jancsika | 7 years ago

It is funny how while reading this article establishing Guardian's screw up I was nevertheless asked twice to give them money.

vzaliva | 7 years ago

Sad that the writer (calling herself investigative journalist - https://twitter.com/manisha_bot ) of the flawed article does not even mention the amended article in her twitter account.

omnifischer | 7 years ago

This is not the original Title. Submitter is editorializing via title. Please don't do that on Hacker News.

danjoc | 7 years ago

Hint: If site is empty for you, remove "amp." from domain name.

majewsky | 7 years ago

This entire conflict just seems completely absurd to me - why on earth are the 72 "experts" who signed the open letter so quick to trust WhatsApp without access to the source code?

eehee | 7 years ago