this post was submitted on 19 Apr 2024
49 points (100.0% liked)


I live in Canada. My girlfriend is Chinese (also living in Canada), and while we are able to communicate via SMS, her mobile carrier isn't the best, and so there have often been issues for us with regular texting. She expressed a strong preference to use WeChat, at least as a backup option for when texting fails us. While I have some pretty significant reservations, it's not the hill I want to die on. So my question is: what can be done to use WeChat without compromising my whole phone? I'm okay with it if our conversations aren't private, but I'd like to know that I'm not giving unfettered access to all of my phone's systems and data to the CCP. What can be done to limit the reach of this ubiquitous app on my device?

[–] viking@infosec.pub 31 points 7 months ago* (last edited 7 months ago) (3 children)

I'm in China and have to use that piece of crap. So here's how I locked it down:

  1. Root your phone with Magisk. There's no way around it.
  2. Install Storage Isolation (https://play.google.com/store/apps/details?id=moe.shizuku.redirectstorage) and deny access to all folders.
  3. Install AppOps (https://play.google.com/store/apps/details?id=rikka.appops) and set pretty much everything to deny or ignore (ignore means the app receives the information "permission granted", but no data is provided, in case some permissions are "mandatory"). If you intend to use wechat to exchange voice messages or make video calls/send photos, the "use microphone" and "use camera" functions would be required. In a similar fashion the location access if you intend to use the location sharing feature.
  4. Be acutely aware that wechat is not encrypting messages, neither end to end nor in the server communication. Everything you say can (and probably will) be read and archived. Don't say anything confidential or critical there.

And yeah really, try to convince your ~~wife~~ girlfriend to use signal instead. Or hell, even whatsapp is miles ahead.

My wife is Chinese as well, so even after we leave here she'll be using wechat to stay in touch with family, no way around it, but using messengers more commonplace in other countries is definitely better. Personally I will move wechat to another phone once we're out. For now that's not feasible as it's too much integrated into every function of life here.

[–] umbrella@lemmy.ml 4 points 7 months ago (2 children)

+1 for signal but i doubt whatsapp is ahead at all

[–] viking@infosec.pub 11 points 7 months ago (3 children)

Whatsapp uses end to end encryption and is far from as intrusive as wechat.

[–] umbrella@lemmy.ml 5 points 7 months ago (2 children)

whatsapp is certainly backdoored, it's closed source and unverifiable.

[–] umami_wasbi@lemmy.ml 4 points 7 months ago (1 children)

At least WhatsApp has the content encrypted

[–] umbrella@lemmy.ml 2 points 7 months ago

it's certainly backdoored

[–] EngineerGaming@feddit.nl 3 points 7 months ago (2 children)

Can it be used without a smartphone, like in an Android VM?

[–] bionicjoey@lemmy.ca 3 points 7 months ago

Yeah I was considering Waydroid but then I lose the ability to connect outside of my PC

[–] ReversalHatchery 3 points 7 months ago

Don't forget that AppOps is not really standardized, and even the app admits that some phones' systems do not implement a restriction properly (or at all).

That being said, it's very good to have, but you have to keep this in mind.
AFAIK LineageOS has a more complete implementation.
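
An added example, not part of any comment in this thread: one way to check what an app can still reach after the AppOps steps above, by parsing the text printed by `adb shell dumpsys package <pkg>` and `adb shell appops get <pkg>`. The sample outputs are constructed, their exact layout varies between Android versions, and the allow-list is an assumed policy.

```python
import re

# Constructed excerpt of `adb shell dumpsys package <pkg>` (runtime permissions).
SAMPLE_DUMPSYS = """\
    runtime permissions:
      android.permission.CAMERA: granted=true, flags=[ USER_SET]
      android.permission.RECORD_AUDIO: granted=true, flags=[ USER_SET]
      android.permission.READ_CONTACTS: granted=false, flags=[ USER_SET]
      android.permission.ACCESS_FINE_LOCATION: granted=true, flags=[ USER_SET]
      android.permission.READ_EXTERNAL_STORAGE: granted=true
"""
# Constructed excerpt of `adb shell appops get <pkg>`.
SAMPLE_APPOPS = """\
CAMERA: allow; time=+2h1m ago
RECORD_AUDIO: allow
FINE_LOCATION: ignore; rejectTime=+5m ago
READ_CLIPBOARD: allow
"""
# Assumed policy: only what voice messages and video calls need.
ALLOWED = {"CAMERA", "RECORD_AUDIO"}

PERM_RE = re.compile(r"^\s*android\.permission\.(\w+): granted=(true|false)", re.M)
OP_RE = re.compile(r"^\s*(?:Uid mode: )?(\w+): (allow|ignore|deny|default|foreground)\b", re.M)
# Runtime permissions whose app-op has a different name.
PERM_TO_OP = {"ACCESS_FINE_LOCATION": "FINE_LOCATION",
              "ACCESS_COARSE_LOCATION": "COARSE_LOCATION"}

def granted_permissions(dumpsys_text):
    """Names of runtime permissions reported as granted."""
    return {name for name, g in PERM_RE.findall(dumpsys_text) if g == "true"}

def op_modes(appops_text):
    """Map each listed app-op to its configured mode."""
    return dict(OP_RE.findall(appops_text))

def audit(dumpsys_text, appops_text, allowed):
    """Return ops the app can still use that are outside the allow-list."""
    modes = op_modes(appops_text)
    exposed = set()
    for perm in granted_permissions(dumpsys_text):
        op = PERM_TO_OP.get(perm, perm)
        # A granted permission is neutralised only by an ignore/deny app-op.
        if op not in allowed and modes.get(op) not in ("ignore", "deny"):
            exposed.add(op)
    # Ops such as READ_CLIPBOARD have no runtime permission behind them.
    exposed |= {op for op, mode in modes.items()
                if mode in ("allow", "foreground") and op not in allowed}
    return sorted(exposed)

if __name__ == "__main__":
    print(audit(SAMPLE_DUMPSYS, SAMPLE_APPOPS, ALLOWED))
```

This reads the configured state only; on builds that do not enforce every app-op, a clean result is not proof of enforcement.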

[–] Duke_Nukem_1990@feddit.de 15 points 7 months ago (1 children)

To answer the question: GrapheneOS and a separate profile would be the safest but still...

If you are both outside of china there really is zero reason (other than preference) to use that piece of spyware.

[–] bionicjoey@lemmy.ca 8 points 7 months ago (3 children)

> To answer the question: GrapheneOS and a separate profile would be the safest

I appreciate the suggestion, but maybe I should add that I'd like to not have to change up my phone too much. It's a Fairphone 4 running the OEM Android and my preference would be to keep it that way. Are separate profiles like that a thing on stock Android?

> If you are both outside of china there really is zero reason (other than preference) to use that piece of spyware.

She travels back to China sometimes, uses it to contact friends and family back home, and uses it to chat with lots of mainlanders here in Canada. For her it's not weird at all.

In fact, she expressed to me that she's perfectly comfortable with the fact that they use WeChat combined with facial recognition technology in China for payment processing. When you get on public transit, you can have them scan your face and it will automatically charge you the bus fare. It really skeeves me out, but it's simply not the hill I want to die on in this relationship. I'm crazy about her in so many ways, it's okay with me if we don't see eye-to-eye on digital privacy.

[–] LWD@lemm.ee 5 points 7 months ago (1 children)

If you're in the US and mostly worried about one app, you can probably devote a Work folder via an app like Shelter to a GF.

[–] bionicjoey@lemmy.ca 4 points 7 months ago (2 children)

I'm not in the US, but what is this Shelter you speak of?

[–] Neuromatic@reddthat.com 6 points 7 months ago* (last edited 7 months ago) (3 children)

https://f-droid.org/packages/net.typeblog.shelter/

Shelter is an app that takes advantage of the work profile in android to install apps in that profile and makes shortcuts for the app in the normal profile. So it feels like you're just using an app as usual but the app is pretty much sandboxed away from all your info.

[–] bionicjoey@lemmy.ca 4 points 7 months ago

Thank you! This is exactly the sort of thing I was looking for!

[–] huginn@feddit.it 4 points 7 months ago

Android 15 solves your issues -

https://www.androidauthority.com/android-15-private-space-hands-on-3432113/

Private Spaces when they come to Fairphone will be perfect for this.

[–] Ilandar@aussie.zone 14 points 7 months ago (2 children)

Ignore the dumbass "why dOn'T yOu jUsT uSe sOmEtHinG bEtTeR" replies. Anyone who has a partner knows that the onus is generally on the privacy-conscious one in the relationship to make these types of concessions, since the other person is usually incapable/unwilling to use something better.

[–] milicent_bystandr@lemm.ee 12 points 7 months ago (1 children)

And, let's be fair, for most people the real loss from this level of compromised privacy/security is far less than the real gain from helping your relationship.

Sometimes I look at products I use from dubious companies, take a step back, and think, this company is actually a blessing in my life even if there is a smaller curse attached. That said, I'm grateful for all the tremendous effort put in by many people to make the digital (and rest of) world a safer, more private, fairer and more honest place. And I try to do at least a little of my share!

[–] thanks_shakey_snake@lemmy.ca 4 points 7 months ago

Damn that's wholesome.

[–] ReversalHatchery 3 points 7 months ago* (last edited 7 months ago) (8 children)

If they are actually totally unwilling to use another messaging app that has fewer of said negatives, is the partner really interested in that relationship?

I mean, just look at the arguments.
From OP's side, it's privacy, respect of the user by the service, human freedoms basically.
From the partner's side, as I understand, it is pure convenience.
Please reread my first paragraph after reading this second one. It will now hopefully make sense, if it didn't at first.

But to be honest maybe I'm not qualified for this question or something because I have a different attitude to this problem.
To me it's not my primary purpose to find a partner, and everything else is secondary.
To me, getting to know that someone is neck deep in mass surveillance tech and is so comfortable with it that they are inseparable, instantly turns me off. I don't want to live with someone who is perfectly fine with the state messaging app constantly scanning my face with an app on my phone, because that means that our values are clearly very different.

[–] bionicjoey@lemmy.ca 7 points 7 months ago (1 children)

Relationships (of all kinds) are about compromise. You have to recognize that outside of the echo chambers in communities like this one, literally nobody cares about digital privacy to the extent that us nerds do. So you can choose to be dogmatic in your approach and alienate yourself from the >99% of people in the world who don't care, or you can recognize that your own desires for digital privacy need to be weighed against your desires to form meaningful connections with other people.

Personally I prefer to be pragmatic in my approach. I do what I can to look after my privacy within the constraints of actually doing what I need to do to connect with other people. That's why I made this post. My mind is made up that I'm going to at least try to use WeChat, but within that constraint, I want to do everything in my control to limit the app's visibility into the rest of my system.

[–] Ilandar@aussie.zone 3 points 6 months ago (1 children)

> But to be honest maybe I'm not qualified for this question or something because I have a different attitude to this problem.
> To me it's not my primary purpose to find a partner, and everything else is secondary.

It does strike me as quite strange that you would type up paragraphs and multiple comments accusing others of pursuing bad relationships when you appear to have very little experience yourself.

[–] thanks_shakey_snake@lemmy.ca 11 points 7 months ago (2 children)

FWIW, WeChat and 微信 are different apps. With a non-Chinese phone number and Google Play Store download, you'll be using the international one (WeChat) instead of the Chinese one (微信). There are still privacy concerns, but it'll be less invasive than what you'd have with the version that people in China are buying their groceries with and stuff.

I'm sorry I don't have advice for how to actually protect yourself, though... I'll be keeping an eye on this thread to see what I can learn.

[–] a1studmuffin@aussie.zone 4 points 7 months ago (1 children)

Ah, that's interesting and makes sense. So I guess your best option (if you must use WeChat) is to use the international version of the app with as many permissions disabled as possible.

Or maybe look at the Matrix WeChat bridge? https://matrix.org/ecosystem/bridges/wechat/

[–] bionicjoey@lemmy.ca 3 points 7 months ago (1 children)

I've heard of matrix bridges before but I'm unfamiliar with how to actually set them up and use them. I understand the basic idea is that they relay messages out of matrix and into some other messaging service, but I don't understand how to actually enact that onto the element client on my phone. Matrix is so complicated 😅

[–] a1studmuffin@aussie.zone 4 points 7 months ago

I'll level with you... I've never used Matrix either. 🤣 But all the cool kids around these parts recommend it, and I fundamentally agree with the cause of the project and saw they had the WeChat bridge, so thought I'd mention it.

[–] bionicjoey@lemmy.ca 4 points 7 months ago (1 children)

That's a great point, thanks! I will definitely be using the international one. I expect since I'm getting it through Google Play it'll be constrained based on the OS permissions I give it. And I don't intend to give it any permissions

[–] wpuckering@lm.williampuckering.com 11 points 7 months ago* (last edited 7 months ago) (2 children)

You could sandbox it into a work profile that doesn't have access to your main profile. Storage is completely segregated, and the work profile can be easily disabled when you're not using it.

The best solution is obviously to choose another platform and convince your girlfriend to use that, explaining how this little extra effort on her part to use another app goes a long way with you in terms of appreciation and understanding of a partner's boundaries and comfort zone.

[–] EunieIsTheBus@feddit.de 9 points 7 months ago (1 children)

Maybe get a girlfriend that isn't a brain washed spy? \s

Just use a different app then? You don't need to come up with some high tech solution. She won't use that anyway. But something simple like signal should be sufficient.

[–] bionicjoey@lemmy.ca 6 points 7 months ago* (last edited 7 months ago) (1 children)

> Maybe get a girlfriend that isn't a brain washed spy? \s

Listen here, I like my qt tankie sleeper cell gf. As long as she doesn't hear anyone say the activation phrase, she's very sweet.

For real though, this app is pretty culturally ingrained over there and so I don't really have the option of pushing something else (we all know how real messaging app fatigue has gotten these days). Especially when other apps will be restricted whenever she travels home, and we want something that can serve as a backup when other communication methods aren't an option. I'm pretty sure WeChat will work through The Great Firewall, so it's ideal for our purposes. I have no idea if the same can be said for WhatsApp or Signal.

[–] jjlinux@lemmy.ml 3 points 6 months ago

If you love her (and it seems like you do) talk to her openly about your concerns and suggest something else. Heck, even set up a Matrix user for each and tell her you want to use that exclusively for both of you as a romantic gesture. That's how I got my wife on Matrix (Element).

[–] ReversalHatchery 6 points 7 months ago (1 children)

Why don't you use a better messaging app? If not matrix, then signal? Even telegram is better compared to both wechat and sms.

[–] bionicjoey@lemmy.ca 5 points 7 months ago (1 children)

She's not very tech savvy at all. It would be asking a lot. I'd rather stick to something she is comfortable with.

[–] John@discuss.tchncs.de 6 points 7 months ago

I stopped using every messenger besides signal and Matrix. Even my not tech-savvy parents are using signal now - it's in my opinion the better solution to stand your ground and may push others into using the better apps

[–] Bartsbigbugbag@lemmy.ml 5 points 6 months ago

Weird perspective for someone using Google services lmao.

[–] Antitoxic9087@slrpnk.net 4 points 7 months ago (2 children)

If you are serious with this relationship (or you expect to still have Chinese partners in the future), I strongly recommend you buy a separate device for all the Chinese spyware required to maintain communication with your partner(s). At some point you will have to enter China, and it is best that you take only this device with you into it then.

[–] guyrocket@kbin.social 4 points 7 months ago (1 children)

If you really want to isolate it, grapheneOS lets you put it in its own profile almost totally isolated from anything in any other profile.

But you probably don't want to buy a g! Pixel.

You could buy a separate phone and only run that app on it. Hassle but it would be secure.

[–] eveninghere 3 points 7 months ago* (last edited 7 months ago) (3 children)

Just tell her there's email. If she insists on WeChat... Maybe she's... err...

I mean, a messaging app isn't suited for a back up. Just throw her phone into the toilet, and many such apps are gone forever.
