WhatsApp – About multi-device beta(faq.whatsapp.com)
faq.whatsapp.com
WhatsApp – About multi-device beta
https://faq.whatsapp.com/general/download-and-installation/about-multi-device-beta/?lang=en
82 comments
Can't wait for this to land on the iPad. I despise WhatsApp with a passion but it's an undeniable reality in large parts of the world, including here in India, so I might as well use it where I find convenient.
Why do you despise it so much?
I use both WhatsApp and telegram and to be honest in daily use they might as well be the same app.
Other than the fact that it's owned by Facebook, I don't see any issues.
I use both WhatsApp and telegram and to be honest in daily use they might as well be the same app.
Other than the fact that it's owned by Facebook, I don't see any issues.
Telegram is miles ahead of WhatsApp. They are basically copying functions from it, but in a lazy way. Apart from being owned by one of the worst corporations created in human civilization, WA is a really annoying piece of software, inflexible and generally worse than Telegram, which is a joy to use.
The last time I used it they made it pretty difficult to use without giving them access to my address book, which made it a nonstarter. It's one thing for me to decide to give up my own privacy, another thing to fork over the data of everyone I ever met.
Telegram has better tools for larger chats (bots, moderation etc).
For 1-1 or smaller chats they're mostly interchangeable except for Telegram's better support for multiple devices.
For 1-1 or smaller chats they're mostly interchangeable except for Telegram's better support for multiple devices.
[deleted]
Does Telegram have proper E2E encryption for chats by default?
Not on by default for 1 to 1 chat but it (Secret Chat) is optional, drawback is that the end-to-end encrypted conversation stays only on the devices initially it was initiated, because the encryption keys stay only on those 2 devices.
For Telegram Group Chat - it is not end-to-end encrypted, Telegram uses distributed infrastructure approach to protected data not covered by End-to-End encryption. I wouldn't consider WhatsApp's Group Chat end-to-end encrypted.
For Telegram Group Chat - it is not end-to-end encrypted, Telegram uses distributed infrastructure approach to protected data not covered by End-to-End encryption. I wouldn't consider WhatsApp's Group Chat end-to-end encrypted.
Nope, but I come from an IRC background so having unencrypted chats is perfectly normal. YMMV.
I've been chatting in unencrypted channels since the mid 90's so I don't exactly see E2EE as a hard requirement.
I'll switch my family chat to Signal or whatever as soon as I can add my home automation bot in there without some weird hacks or custom clients. The current implementation is a glorified Curl call for Discord and maybe 20 lines of Python for Telegram.
I've been chatting in unencrypted channels since the mid 90's so I don't exactly see E2EE as a hard requirement.
I'll switch my family chat to Signal or whatever as soon as I can add my home automation bot in there without some weird hacks or custom clients. The current implementation is a glorified Curl call for Discord and maybe 20 lines of Python for Telegram.
no
and it is not even available for multi-device and group chat
It makes sense because you shouldn't want messaging app's backend to transfer your device specific private encryption key across all your registered devices.
why shouldn't I?
It would be great if WhatsApp group chats would allow a participant to mute another participant. I want to hide the antivax messages posted by a crazy parent in my kid's school group.
> Other than the fact that it's owned by Facebook, I don't see any issues.
That's a pretty big issue for me - whilst the original team were in place, I had a degree of trust for them, but since their departure (and the stories as to why), I trust it less and less.
Unfortunately, for me and everyone I know - it's either iMessage or Whatsapp (depending on your choice of phone).
That's a pretty big issue for me - whilst the original team were in place, I had a degree of trust for them, but since their departure (and the stories as to why), I trust it less and less.
Unfortunately, for me and everyone I know - it's either iMessage or Whatsapp (depending on your choice of phone).
> the fact that it's owned by Facebook
It's a pretty big issue, y'know.
It's a pretty big issue, y'know.
They only have to make it work as good as the Signal iPad app.
If only signal put the same functionality into Android tablets
Why only tablets? Why not all devices?
For example, I'd like to be able to use Signal on both my main phone and my second phone using the main phone number.
For example, I'd like to be able to use Signal on both my main phone and my second phone using the main phone number.
I don't exclude what you want. I want what iPads without SIM have.
Second SIM bound to same identity isn't the same as non SIM adjunct device support.
Second SIM bound to same identity isn't the same as non SIM adjunct device support.
Exactly. I don't even want that Signal knows about the second SIM, I want to be able to use it in another device, regardless if it has own SIM or not.
doesn't seem to be a difficult challenge for facebook.
I tried it, but had to opt out again.
4 devices is not enough, and it changes the end to end key for every device change so now i have to meet up and sync that again.
4 devices is not enough, and it changes the end to end key for every device change so now i have to meet up and sync that again.
What is the threat model that checking keys in person solve? I suppose something like a nation state attacker performing MITM at the point when the keys are exchanged. But it does not protect against WhatsApp, right?
There's one thing that I don't understand about checking keys in person. Since it's closed source, how do we know that WhatsApp is actually doing what they say they do?
You have to trust them that "if the keys are the same in-person, then you're safe". But it's completely up to their implementation which we have no clue of.
You have to trust them that "if the keys are the same in-person, then you're safe". But it's completely up to their implementation which we have no clue of.
You're right. Although if you use any modern smartphone at all this is true for every single software you are running. Apple's store or Play store might be MITM'ing every single app on your phone and you would never know.
Sure, you have to have some trust. Even if you had access to the source, you wouldn’t know that the OS on the phone does what it claims. Then even if you audit and compile the OS from scratch, you also need to audit and compile from scratch the compiler. This is a long process, because you need to bootstrap the compiler compiling somehow. After all that work, you still can’t be sure. Because you also need to build your own semiconductors. You don’t really know that your CPU is doing what it claims, or that there isn’t a secret radio chip embedded into your RAM.
You need to trust a lot of people to have any sanity. Adding WhatsApp on top of a pile of hundreds of companies isn’t that extreme.
You need to trust a lot of people to have any sanity. Adding WhatsApp on top of a pile of hundreds of companies isn’t that extreme.
Yes, i agree with you. Which is why I personally never bother checking the codes in person because I just trust WhatsApp
Because at the end of the day it is based on phone numbers you have to check those keys even if all of the software is secure, because people only rent phone numbers and they are even awkwardly easy to steal by sweet talking the carrier into letting you do a number port.
SIM clone, mostly. SS7 security is not so much lacking, as missing.
Another limitation is that you can't pin chats on desktop/web.
6 days ago - How WhatsApp enables multi-device capability (https://news.ycombinator.com/item?id=28614534)
This is still pretty pointless if you need your phone to log in. If your phone is lost then you still can't get to your messages unless you logged in previously.
It's still the very least to even consider WhatsApp a useable aim app in 2021
It’s a good improvement over the old situation for day-to-day usage, though.
It seems new devices are only able to access history up to three months before the first access. I'd probably give up e2e for a cloud/desktop searchable chat history. Love that I can easily lookup old chats in google talk/hangouts from the gmail webapp. Saved me plenty of times I needed some important information without any backup except vaguely remembering talking about it in chat with my partner.
Element gives you infinite desktop searchable chat history for e2ee chats
it would be great if you could choose an IM platform for its features, unfortunately you have to stick with what your contacts use
Matrix does have great bridging support so it is maybe the way out. With 2 bridges I've reduced myself to 2 chat apps (Matrix + the occasional SMS) which I am very happy with.
It obviously isn't the final solution, but gives me a consistent interface across networks while I slowly grow my Matrix-native network.
It obviously isn't the final solution, but gives me a consistent interface across networks while I slowly grow my Matrix-native network.
Did you experience any quirks or problems using the bridges for WhatsApp? Are you running a matrix bridge instance on a personal cloud instance?
I'm not using a WhatsApp bridge so I can't comment on that bridge specifically. Few of my contacts are on that so I was able to drop it.
I am self-hosting a Facebook bridge and Hangouts/Google Chat bridge amd using a hosted Telegram bridge.
I am self-hosting a Facebook bridge and Hangouts/Google Chat bridge amd using a hosted Telegram bridge.
> If you don’t use your phone for over 14 days, your linked devices will become disconnected.
I hope this is just for beta (and I assume they mean use WhatsApp on the phone) because otherwise it's just seems like a gotcha.
[Edit] Also this is one of those hateful sites which offers "manage your cookies" and all you get is how to clear cookies in the browser. That's not the idea.
I hope this is just for beta (and I assume they mean use WhatsApp on the phone) because otherwise it's just seems like a gotcha.
[Edit] Also this is one of those hateful sites which offers "manage your cookies" and all you get is how to clear cookies in the browser. That's not the idea.
That's why I recommend [Cookie Autodelete](https://github.com/Cookie-AutoDelete/Cookie-AutoDelete) + [I don't care about cookies](https://www.i-dont-care-about-cookies.eu/). It auto-accepts all cookie notices and then deletes them when I close the tab (or after a few seconds/minutes), with the option to add exceptions to sites where you actually need cookies.
Ah, that's a neat solution. But I was on Android at the time, so a bit more tricky. Also building s whitelist would be essential. Thinks ... maybe I could mine my bookmarks ...
Still no tablets. Why is that?
You can sideload the apk and activate it using another phone with a valid sim card. Even if it is a feature phone.
It works just fine on tablets, just get the apk through Aurora, apkmirror, or something similar.
Multi device or not it’s still impossible to have a shared / imported history between iOS and Android, it’s impossible to export chat history, etc.
Sure some people don’t find their chat history valuable. I do though and so do many others, it contains valuable information and memories. Is it the end of the world if it disappears? No, but it still sucks.
One day we will have a popular open protocol and client for instant messaging. One day…
Sure some people don’t find their chat history valuable. I do though and so do many others, it contains valuable information and memories. Is it the end of the world if it disappears? No, but it still sucks.
One day we will have a popular open protocol and client for instant messaging. One day…
> One day we will have a popular open protocol and client for instant messaging. One day…
We have. It's called Matrix.
We have. It's called Matrix.
That last sentiment would be very nice indeed, but I fear this is what we'll get instead:
https://xkcd.com/927/
https://xkcd.com/927/
Closed IM protocols aren’t standards so this doesn’t really apply. There’s only three realistic “standards” in instant messaging: irc, xmpp and matrix. IRC is essentially dead, xmpp is on its last leg and mostly irrelevant, and matrix is very promising just not popular enough yet.
Doesn't Apple implement XMPP for iMessage as well?
> xmpp is on its last leg
Why? Unlike Matrix it's actually an Internet Standard.
Why? Unlike Matrix it's actually an Internet Standard.
It's had about 20 years to hit the bigtime, I think we can safely say it's not going to happen.
A mere protocol will never "hit the bigtime" without some compelling (non-protocol) reason. It's unfortunate that businesses choose to build silos time and time again, but that's where we are - it's not an issue that can be solved at the protocol level.
Should this be fixed (e.g. through regulation), XMPP is absolutely a sound choice - given, as you say, its 20 years of experience, evolution and deployment track record.
Should this be fixed (e.g. through regulation), XMPP is absolutely a sound choice - given, as you say, its 20 years of experience, evolution and deployment track record.
honestly, given the current adoption, growth and state of the ecosystem, I don't think it is.
In theory, you could achieve with it what Matrix achieves, but it would probably be more feasible to start from scratch - like Matrix did
That said, I see how it currently has advantages when it comes to resource consumption as well as internal deployment to centralized services.
In theory, you could achieve with it what Matrix achieves, but it would probably be more feasible to start from scratch - like Matrix did
That said, I see how it currently has advantages when it comes to resource consumption as well as internal deployment to centralized services.
So what is the bigtime open messaging standard?
there isn't any.
But if I would have to bet on a standard which could become it right now, then it would be Matrix.
It convinces when it comes to adoption, concept, features and growth.
But if I would have to bet on a standard which could become it right now, then it would be Matrix.
It convinces when it comes to adoption, concept, features and growth.
> argument from authority
https://en.wikipedia.org/wiki/Argument_from_authority
https://en.wikipedia.org/wiki/Argument_from_authority
XMPP is widely deployed and it's the backbone of WhatsApp, you don't see a lot of servers that openly federate XMPP because there's little business incentive to do so.
Xmpp can continue being a server side protocol all you want, it doesn’t make it a user facing protocol. So in terms of federated or at least cross compatible IM clients it’s irrelevant.
XKCD should make a comic about pre-emptively 927'ing any suggestion to improve something.
It doesn't mean don't bother improving something, just don't expect everyone to switch to it.
Having hardly anyone switch to a new standard when there are existing ones could actually be considered a good thing. The problem comes when the new standard is promoted, inevitably fails to become dominant and ends up making the problem worse.
Note that sometimes new standards are promoted specifically to destroy an existing open standard. The trick is to push hard for the new standard until it gets sort of popular and then back off. Adjust as required to keep things balanced.
Note that sometimes new standards are promoted specifically to destroy an existing open standard. The trick is to push hard for the new standard until it gets sort of popular and then back off. Adjust as required to keep things balanced.
> it’s impossible to export chat history
There has been a "Chat export" option for years. I even exported a chat of mine and ran it through some sentiment analysis for fun.
> shared / imported history between iOS and Android
Yeah this is perplexing. Android to android it works fine. The moment you throw Ios into the mix it gets complicated.
There has been a "Chat export" option for years. I even exported a chat of mine and ran it through some sentiment analysis for fun.
> shared / imported history between iOS and Android
Yeah this is perplexing. Android to android it works fine. The moment you throw Ios into the mix it gets complicated.
My understanding is that WhatsApp uses a different database between android and iOS and I guess they never figured out a good UX for converting between them. It’s shockingly ridiculous for something owned by Facebook.
> There has been a "Chat export" option for years. I even exported a chat of mine and ran it through some sentiment analysis for fun.
You've to do it manually for every chat, and it lacks all media. From the context of preserving your chat history, it's just marginally better than having nothing.
You've to do it manually for every chat, and it lacks all media. From the context of preserving your chat history, it's just marginally better than having nothing.
> There has been a "Chat export" option for years.
Except where they disable it, like in Germany (but haven't followed up on that story if it was resolved)
edit: seems to no longer be the case, time to run some backups!
Except where they disable it, like in Germany (but haven't followed up on that story if it was resolved)
edit: seems to no longer be the case, time to run some backups!
Just another day in the walled garden.
Aside: Moving from Android to iOS is possible using Watoi although it is highly convoluted.
https://apple.stackexchange.com/a/307596/364945
https://apple.stackexchange.com/a/307596/364945
We have (had?) IRC, it was basic but compared to the era it thrived in it was way better than what we have today, compared to what's possible today.
I don't know much about IRC, but isn't it about group chats, as opposed to instant messaging? Sure, it might be possible to have instant messages, but is that possible over server boundaries?
I recently did this (Edit: import) via sqlite for somebody, the iOS->Android direction, but with knowledge about both databases schema you can go both ways. Whatsapp also has the I->A route in beta for some time too?
There are some preconditions, it's not the easiest, but "no 3rd party" required so to speak
There are some preconditions, it's not the easiest, but "no 3rd party" required so to speak
This is a very welcome feature. However I don't get why they did not do this from the start? They kept crying "It is absolutely impossible because Whatsapp is E2E." And now they just go ahead and implemented it? Either they were lying then, or they are lying now.
Someone shared this above which should answer your question - https://engineering.fb.com/2021/07/14/security/whatsapp-mult...
> To achieve this, we had to rethink WhatsApp’s architecture and design new systems to enable a standalone multi-device experience while preserving privacy and end-to-end encryption.
> To achieve this, we had to rethink WhatsApp’s architecture and design new systems to enable a standalone multi-device experience while preserving privacy and end-to-end encryption.
I honestly don't understand why anyone cares about this so much: how often usb your phone out of batteries and without Internet but you have another device with both Internet and power? I have already been using WhatsApp without issue from my desktop using their downloadable apps for years.
The current architecture is great: I have a single source of trust holding my encryption keys and a single place where I know all of my chats are being archived so I in turn have a single place I can backup and know I have a fully consistent history.
You know what I do want? I just want them to make their desktop app work on iPads and iPhones, so I can use my other phone or--and this seems like it should be "big" for a lot of people (and even sounds like the actual use case at least one person in this thread is excited about)--a tablet to access my account and full chat history.
This doesn't require any changes to their architecture, nor does it require them to do any complex encryption shenanigans they didn't already figure out; it doesn't break the "single source of truth" maxim that WhatsApp currently is best-of-breed at, and particularly for tablets it should be easy as AFAIK their desktop app is just an Electron app anyway: it couldn't take more than a week to port it!
And once you get the desktop app running on other phones, I claim you have solved at least 90% of the actual use cases people have had for "multi-device" for years.
The only case it doesn't handle, again, is the case where my phone is out of either battery or Internet and yet I have another device that has both... which is so rare in the lives of most of the people I know as to call into question the importance of waiting years to satisfy the 90% case of "I just want to use my iPad or my other phone to access my account while my normal phone is downstairs or at home or in my pocket... with Internet and power".
And OK: I know someone is going to now whine "well I had that situation come up once" or even "that happens to me all the time", but I want you to really sit back and think how often that happens, how likely it was, how common it is, and how avoidable it could be... I claim you would have to admit it is actually at best kind of a "you thing" that you have somehow have Internet access and power that you can't share with your phone.
As remember, and it sucks that I feel a need to underscore this: the current WhatsApp desktop experience doesn't require you to ever touch your phone. I am not claiming "just use your phone": I am saying that if the desktop "remote access to your account" app were running on your iPad and your other phones, it would almost certainly cover almost every use case you have...
...and that WhatsApp could have easily done that years ago, but for some reason they chose not to, which makes absolutely no sense to me as it is clearly trivial to do (and in fact people have built third party apps from scratch to do it over the same protocol with tiny teams of probably one person, and yet WhatsApp so far had not).
And if you haven't tried the desktop experience of WhatsApp: do it! It is actually really awesome. I am certainly not claiming it is perfect, and I am sure someone is itching to tell me of the time the app spazed our and all the chats appeared in the wrong order or it refused to connect to their phone until they re-paired it... but if you honestly compare it to pretty much any other chat app's desktop experience, I think you will have to admit that it is at least as good as even the best of them, with the only limitation hat your phone technically has to be "on" somewhere (which I will again claim is a minor inconvenience as you probably want your phone to be on for a number of non-WhatsApp reasons).
The only thing about it that actually limited use cases people seem to commonly have is that it doesn't run on mobile devices: if it did, I think most of this work would have seemed like a waste of time targeting a small niche use case (if what was already a niche use case, as I think most people only own a single phone anyway).
The current architecture is great: I have a single source of trust holding my encryption keys and a single place where I know all of my chats are being archived so I in turn have a single place I can backup and know I have a fully consistent history.
You know what I do want? I just want them to make their desktop app work on iPads and iPhones, so I can use my other phone or--and this seems like it should be "big" for a lot of people (and even sounds like the actual use case at least one person in this thread is excited about)--a tablet to access my account and full chat history.
This doesn't require any changes to their architecture, nor does it require them to do any complex encryption shenanigans they didn't already figure out; it doesn't break the "single source of truth" maxim that WhatsApp currently is best-of-breed at, and particularly for tablets it should be easy as AFAIK their desktop app is just an Electron app anyway: it couldn't take more than a week to port it!
And once you get the desktop app running on other phones, I claim you have solved at least 90% of the actual use cases people have had for "multi-device" for years.
The only case it doesn't handle, again, is the case where my phone is out of either battery or Internet and yet I have another device that has both... which is so rare in the lives of most of the people I know as to call into question the importance of waiting years to satisfy the 90% case of "I just want to use my iPad or my other phone to access my account while my normal phone is downstairs or at home or in my pocket... with Internet and power".
And OK: I know someone is going to now whine "well I had that situation come up once" or even "that happens to me all the time", but I want you to really sit back and think how often that happens, how likely it was, how common it is, and how avoidable it could be... I claim you would have to admit it is actually at best kind of a "you thing" that you have somehow have Internet access and power that you can't share with your phone.
As remember, and it sucks that I feel a need to underscore this: the current WhatsApp desktop experience doesn't require you to ever touch your phone. I am not claiming "just use your phone": I am saying that if the desktop "remote access to your account" app were running on your iPad and your other phones, it would almost certainly cover almost every use case you have...
...and that WhatsApp could have easily done that years ago, but for some reason they chose not to, which makes absolutely no sense to me as it is clearly trivial to do (and in fact people have built third party apps from scratch to do it over the same protocol with tiny teams of probably one person, and yet WhatsApp so far had not).
And if you haven't tried the desktop experience of WhatsApp: do it! It is actually really awesome. I am certainly not claiming it is perfect, and I am sure someone is itching to tell me of the time the app spazed our and all the chats appeared in the wrong order or it refused to connect to their phone until they re-paired it... but if you honestly compare it to pretty much any other chat app's desktop experience, I think you will have to admit that it is at least as good as even the best of them, with the only limitation hat your phone technically has to be "on" somewhere (which I will again claim is a minor inconvenience as you probably want your phone to be on for a number of non-WhatsApp reasons).
The only thing about it that actually limited use cases people seem to commonly have is that it doesn't run on mobile devices: if it did, I think most of this work would have seemed like a waste of time targeting a small niche use case (if what was already a niche use case, as I think most people only own a single phone anyway).
[deleted]