Re: Collects whats?
Elsevier has a journal called "Digital Investigation"? An upmarket Phrack?
Still, good work at analyzing the innards of the protocol, but it's about as "info-sucking" as SS7. Or not. It depends what is going over the protocol once it has been set up.
But clearly the goal is to help the gumshoes:
From its wide adoption, it is obvious how WhastApp communication exchanges may be used during an nvestigation, making the artifacts it produces of compelling forensic relevance. Therefore, we see a strong necessity for both researchers and practitioners to gain a comprehensive understanding of the networking protocol used in WhatsApp, as well as the type of forensically relevant data it contains. Most importantly, due to the newly introduced calling feature, it becomes essential to understand the signaling messages used in the establishment of calls between the WhatsApp clients and servers. The methods and tools used in this research could be relevant to investigations where proving that a call was made at a certain date and time is necessary.
What's the point?
The article says:
This data included WhatsApp phone numbers, WhatsApp phone call establishment metadata and date-time stamps, as well as WhatsApp phone call duration metadata and associated date-time stamps. They also were able to acquire WhatsApp's phone call voice codec (Opus) and WhatsApp's relay server IP addresses used during the calls.
So, this "collecting" phone numbers, call duration and other stuff is clearly what WhatsApp needs to make the call.
Don't know exactly what the article is about. Somebody has looked into WhatsApp traffic and fails to find someone with their hand in the cookie jar?
From my reading of the paper
the story isn't that WhatsApp is doing a nefarious data slurp, but that it's possible to decrypt its network traffic and extract forensically relevant metadata from it.
WhatsApp does not encrypt images, so it's easy to find them on your phone, if you need to. The text messages are saved as encrypted .db files using the .crypt8 extension. If you would like to read your backup of files you may follow these instructions:
WhatsApp asks for permission to see *everything* when you install it
Which is why I declined at that point. Creepy, but quite upfront about it.
It is a Facebook company after all, so creepiness is part of the business model.
One day they will threaten to release all your data if you don't pay regular 'subscription' fees - you have been warned...
Re: One day they will threaten to release all your data if you don't pay regular 'subscription' fees
No. They won't. The freely given data is far too valuable to threaten slowing down the data warehousing. After all, they are in competition with Google, the arch data-theft criminal, to utilise and monetise behavioural AI.