Source files of fsfe.org, pdfreaders.org, freeyourandroid.org, ilovefs.org, drm.info, and test.fsfe.org. Contribute: https://fsfe.org/contribute/web/ https://fsfe.org
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

94 lines
4.6 KiB

  1. <?xml version="1.0" encoding="UTF-8"?>
  2. <html newsdate="2020-02-28">
  3. <version>1</version>
  4. <head>
  5. <title>Security scandal around WhatsApp shows the need for decentralised messengers and digital sovereignty</title>
  6. </head>
  7. <body>
  8. <h1>Security scandal around WhatsApp shows the need for decentralised messengers and digital sovereignty </h1>
  9. <p>The recent security scandal around WhatsApp and
  10. access to the content of private groups shows that there is an urgent
  11. need for action with regard to secure communication.</p>
  12. <p>Links to private chat groups in the proprietary WhatsApp messenger
  13. can be used to show the communication and private data of group
  14. members, even if you are not a member. The links could be found on
  15. various search engines. Even if they are removed from search results,
  16. links still work and give access to private group communication. Among
  17. these groups are also administrations like civil servants of the
  18. Indonesian Ministry of Finance. This case shows again that digital
  19. sovereignty is crucial for states and administrations. The security
  20. breach was first reported by <a
  21. href="https://www.dw.com/en/whatsapp-security-flaw-over-60000-groups-still-accessible-online/a-52543414">Deutsche
  22. Welle</a>.</p>
  23. <p>In order to establish trustworthy and secure communication,
  24. governments need to strengthen interoperable Free Software solutions
  25. using <a href="/freesoftware/standards/">Open Standards</a> and enable decentralisation. This helps
  26. administrations as well as individuals to protect their privacy and
  27. empowers them to have control of the technology they use. The software
  28. is already in place and was used by most of the internet users before
  29. Google and Facebook joined the market: XMPP! This open protocol, also
  30. known as Jabber, has been developed by the Free Software community
  31. since 1999. Thanks to Open Standards it is possible to communicate with
  32. people who use a completely different client software and XMPP server.
  33. You are even able to communicate with other services like ICQ or AIM -
  34. some might remember. XMPP has also been used by tech enterprises like
  35. Facebook and Google for their chat systems, but both eventually
  36. switched to isolated proprietary solutions, so XMPP has been forgotten
  37. by many users.</p>
  38. <p>Still, there are many XMPP servers in use and - as the recent
  39. scandal around WhatsApp shows - it should be considered as an
  40. alternative by users nowadays. But of course there has also been a
  41. development in the field of Free Software and Open Standard messengers
  42. in the last decades. For instance the Matrix protocol is a widely
  43. recognised and respected standard for secure and decentralised
  44. communication. This is proven by the fact that it is being used by
  45. large Free Software communities like <a
  46. href="https://discourse.mozilla.org/t/synchronous-messaging-at-mozilla-the-decision/50620">Mozilla</a>,
  47. <a
  48. href="https://dot.kde.org/2019/02/20/kde-adding-matrix-its-im-framework">KDE</a>,
  49. but also in the whole <a
  50. href="https://matrix.org/blog/2018/04/26/matrix-and-riot-confirmed-as-the-basis-for-frances-secure-instant-messenger-app">French
  51. administration</a> or <a
  52. href="https://joinup.ec.europa.eu/collection/open-source-observatory-osor/news/matrix-pilot-bwmessenger">Germany's
  53. armed forces</a>.</p>
  54. <p>The Free Software Foundation Europe therefore asks governments to
  55. use interoperable, decentralised Free Software messenger solutions and
  56. also provide funds for security programmes like bug bounties
  57. around these projects. Individuals are advised to change their
  58. messenger to a Free Software one. </p>
  59. <p>The FSFE also started an initiative called "Public Money, Public
  60. Code!", requiring that publicly financed software developed for the
  61. public sector be made publicly available under a Free and Open Source
  62. Software licence. If it is public money, it should be public code as
  63. well. The campaign is supported by administrations like the city of
  64. Barcelona, more than 180 NGOs and 27.000 individuals. You can find more
  65. information on <a href="https://publiccode.eu">publiccode.eu</a>.</p>
  66. <p>For users of Android mobile phones, the Free Software Foundation
  67. Europe started the "<a href="/activities/android/">Free Your
  68. Android</a>" campaign. It helps users to regain control of their data
  69. and Android device by replacing proprietary components and eventually the
  70. complete operating system with Free Software. The FSFE collects
  71. information about running an Android system as free as possible and
  72. coordinates efforts in this area.</p>
  73. </body>
  74. <tags>
  75. <tag key="front-page"/>
  76. <tag key="fya">Free Your Android</tag>
  77. <tag key="openstandards">Open Standards</tag>
  78. <tag key="pmpc">Public Code</tag>
  79. </tags>
  80. </html>