Not if that E2E protocol is entirely undermined. Which is the case
   here: trust is security. If 600M people think they have privacy and
   don't, that's a problem.

   On 19 November 2014 21:35:33 GMT+00:00, Andy Isaacson
   <adi@hexapodia.org> wrote:

On Wed, Nov 19, 2014 at 09:18:10AM +0000, Cathal (Phone) wrote:

     Eh, easier than than. Keys generated end to end by the book, then
     code
     in the closed source spyware app justs lifts them and posts to FB.
     Open protocols in closed apps are meaningless.

     Not meaningless, although of course open source would be preferable
     from
     a trustability standpoint. I've got the executable code for the
     proprietary WhatsApp apk installed on my phone, and can reverse
     engineer
     it if I so choose. (I'm running CM11 so extracting the APKs is
     fairly
     straightforward.) I also have automatic app updates turned off, so I
     know when the code is supposed to change.
     Of course it would be Best (TM) if everyone could use a completely
     free operating system and had complete freedom to inspect all the
     code
     we depend on. But given the world we live in, 600M users with access
     to
     E2E encrypted messaging is better than 600M users without such
     access.
     -andy

   --
   Sent from my Android device with K-9 Mail. Please excuse my brevity.