from Hacker News

WhatsApp Messaging Interoperability

by namanaggarwal on 3/7/24, 8:02 PM with 146 comments

by PandaBear123 on 3/7/24, 9:03 PM
> 7.5.1. Partner User Location. Any Partner Users that Partner Enlists or provides access to the Interoperable Messaging Services must be located and remain in the EEA. Without limiting Section 11 (Warranties), Partner represents and warrants that it will only (i) Enlist and (ii) enable access to the Interoperable Messaging Services by Partner Users that Partner independently validates are located in the European Economic Area, (i.e., a Partner User must be present within the European Economic Area within any consecutive sixty (60) calendar day period). If WhatsApp detects or otherwise has reasonable grounds to suspect a Partner User Enlisted to receive the Interoperable Messaging Services is not located in the European Economic Area or is no longer located in the EEA, WhatsApp reserves the right to immediately suspend such Partner User(s) from accessing the Interoperable Messaging Services, and if multiple violations are detected, Partner shall remedy Partner's location validation procedures to ensure compliance with the terms of this Agreement.
Looks like interoperability is geo-fenced to Europe only.
by arp242 on 3/7/24, 11:33 PM
Gosh, all of this is so locked down.
I've been waiting for this, and hoping I could "just" cook up some of my own code to use with WhatsApp, and/or integrate it with Pidgin or bridge to email or whatever. But the entire process is about as hostile as possible.
For example "Partner shall have in place a dedicated security team" basically excludes most startups, or most smaller companies.
It's not clear to me if this is really complying with the DMA – it's certainly not in the spirit of it, but less sure about the letter of it.
by sebtron on 3/7/24, 9:40 PM
So any messaging app that wants to implement Whatsapp interoperability has to apply for it, pray to get their blessing and then sign an NDA.
It is probably a positive change for end users, but far far away from the "open up your protocol" I was hoping for.
by ChrisArchitect on 3/7/24, 8:42 PM
Related:
Making messaging interoperability with third parties safe for users in Europe
https://engineering.fb.com/2024/03/06/security/whatsapp-mess... (https://news.ycombinator.com/item?id=39614085)
by irusensei on 3/7/24, 8:36 PM
Signal or matrix interop would be great. I use WhatsApp as the logistical tool of choice to communicate with my coworkers when away from the company but I wish I could uninstall it. Not my tribe.
by Razengan on 3/7/24, 8:35 PM
There's something really appalling that I discovered lately and I can't believe there isn't enough uproar about it. Every attempt to talk about this gets ignored or buried (maybe by people who want this ""feature"" to be kept quiet) so I will take every opportunity on existing discussions about Facebook to bring it up:
Facebook (and TikTok) store tracking data on iOS that the user CANNOT SEE and CANNOT DELETE:
• It shows my previous account even after I delete the app.
• Clearing Safari's cache does not work.
• Disabling iCloud Drive and iCloud Keychain does not work.
• Even completely signing out of iCloud does not work!
• On a Mac in the Terminal, you can go to ~/Library/Mobile Documents and "ls -al" to see hidden folders like "iCloud~com~Facebook~Messenger" that you cannot otherwise view or delete.
• Someone mentioned that even RESTORING an iCloud BACKUP will resurrect these "eternal cookies"!!
----
WHERE do they store this data?
WHY can't the user see this data?
WHY can't the user delete this data without going through the app?
WHAT ELSE do apps store on our devices that we aren't even aware of? (This is just what we can see: The list of saved accounts for "quick login")
HOW MANY other apps are secretly doing this?
WHY does Apple, parading around as a pompous paragon of privacy, even allow this in the first place??
by 2Gkashmiri on 3/7/24, 9:24 PM
If I a EU citizen (wink wink) and want to communicate with my family member living in usa, will this let me or not let me?
by datanut on 3/7/24, 8:34 PM
I wonder how desirable and feasible a [matrix] interop would be.
by TremendousJudge on 3/7/24, 8:33 PM
Chances they'll make this available in any place where it's not required by law? zero? Or have they mentioned it at some point?
by tensor on 3/7/24, 10:31 PM
If only the DMA also required that users that are not E2E encrypted be displayed as such. As a user, it's important to know when your chat is actually secure. Competition should not be at the expense of security.
by Sytten on 3/8/24, 2:57 AM
I am wondering if DMA forces Signal to also be less hostile to third party clients. It's not like they have been open to it up to now.
by nottorp on 3/7/24, 9:29 PM
Is there some loophole to just do custom WhatsApp clients without running your own network?
One that never loads images would be lovely.
by advisedwang on 3/7/24, 9:28 PM
Wow this shows the DMA might really do some good.
I'm impressed with EU regulation. Standardized chargers, ending roaming charges, GDPR, DMA. Definitly worth the side effects overall.
by lannisterstark on 3/8/24, 3:24 AM
Sigh
Just...use Matrix or XMPP or something ffs. The open protocols _already exist_.
by Pannoniae on 3/7/24, 8:40 PM
The most hilarious part:
"Partner represents and warrants that it shall not introduce into WhatsApp’s Systems or Infrastructure, the Sublicensed Encryption Software, or otherwise make accessible to WhatsApp any viruses or any software licensed under the General Public Licence or any similar licence (e.g. GNU Affero General Public License (AGPL), GNU General Public License (GPL), GNU Lesser General Public License (LGPL)) containing a "copyleft" requirement during performance of the Services"
by brink on 3/7/24, 8:32 PM
Why do all Meta websites intentionally break the back button? It makes me irrationally angry every time I visit facebook or instagram for how disrespectful it is, it's like it springs a trap where I'm not allowed to leave in the browser tab I arrived in.