Whatsapp came out on the warpath
You have already heard that WhatsApp was purchased by Facebook . But not less interesting news passed by the attention of the public.
WhatsApp began to pursue an aggressive policy against open solutions that implement its protocol.
This is reported by the developers of the project OpenWhatsApp, which is developing WhatsApp clients for Nokia N9 and Blackberry 10, where there are no official clients for WhatsApp.
At the request of the DMCA complaint, at the end of last week, Github removed over 35 open source repositories and, as WhatsApp lawyers promise, this is just the beginning.
Doubts about the legal purity of the OpenWhatsapp project are generally justified, but there are a number of ethical and business objections to the measures taken.
Let's examine the history of the issue and the position of both sides.
')
So, on February 13, 2014, Tariq Galal wrote a post about mass removal of DMCA code. Note that the purchase offer was made on February 9, and the removal took place on the 12th. The relationship of these two events has not been established, I propose to assess the situation independently.
Tarik Galal is an Egyptian developer who emigrated to Berlin and spends a lot of time writing informal WhatsApp customers.
Initially, he started doing this when he realized that WhatsApp for Nokia N9 would never appear. This is how OpenWhatsapp appeared. Currently, the project has expanded with the BB10 version, since the official BlackBerry version has been ported from Android and, obviously, has drawbacks.
As a result of this gigantic work, OpenWhatsapp supports all the official WhatsApp features.
__
Upd: about Blackberry there are clarifications in the comments habrahabr.ru/post/212957/#comment_7331539
The project has grown and now consists of three parts:
yowsup - open cross-platform library that implements the protocol
wazapp - unofficial client for Meego / Harmattan
OpenWhatsappBB10 - unofficial client for Blackberry 10
These projects, among others, have also been removed from the githab.
OpenWhatsapp does not aspire to be a WhatsApp competitor. The project does not have its own servers, it does not interfere with WhatsApp billing and does not charge itself, it just works. Tariq Galal claims that he likes WhatsApp so much that he spends a lot of time just to have access to it on his favorite platforms.
The ultimate goal for the project is formulated after all on a larger scale: the OpenWhatsapp must be officially recognized, approved and supported by WhatsApp. Now, probably, only "would have to."
The number of users of the Nokia N9 developer is estimated at 200,000 people.
The number of WhatsApp users reached 430 million last month. Compare: Twitter recently counted 200 million active users. Twitter's IPO valuation was $ 13.6 billion.
At the same time, the goal of WhatsApp, let me remind you - " we want to be on every smartphone! "
The discrepancy between the actions of the company and its own program statements is also indicated in the topic about the purchase .
Remote repository names
- noticed in the discussion on Reddit , but using the WhatsApp API is a killer argument in favor of the company. WhatsApp just did not give anyone this permission.
Tariq Galal: “Are they right in their demands? I am not a legal expert, but I’m not sure that there are any violations in the case of Wazapp. [Let me remind you, this is a client under Meego - approx. auth.] It does not have the word “WhatsApp” in its name, it carries a different icon, and does not contain code related to the operation of the WhatsApp service. You can not use it separately, it is just an interface, a wrapper to a separate library.
They did a good job collecting the entire list of open-source projects related to WhatsApp, but ... if the “attack” affected only open source projects, then I would like to know what they are going to do with it? ”
List of third-party applications using WhatsApp:
With an estimate of the scale of add-ons over XMPP in WhatsApp, many are clearly mistaken: “Their API is just plain XMPP with minimal fiddling. Put a zhabber-server, you will have the same quality service, and not just freebies, but also without the banal NSA-shnogo probe ”,“ In fact, their service and their API is a regular Jabber. Where is the intellectual property? ”- say in the comments on OpenNet .
But here are more interesting opinions:
About the scale of XMPP changes in WhatsApp, there is little accurate information. For example, one of the users on Reddit argues that the differences are insignificant:
And with WhatsApp encryption is really a problem. Just a couple of days ago, the media reported on Android malware, which determine the phone number according to WhatsApp login information. That is, this information is stored unencrypted.
Previously unencrypted messages were also. The company claims to have fixed this problem, but it doesn’t specify how. It can be assumed that the company went the simplest way and included support for SSL / TLS, which can be used for a long time in XMPP.
According to US laws, a DMCA complaint can be challenged as easily as it is filed (counter notification, DMCA Counter-Notice) - if the project owner disagrees with the arguments about the infringement of the WhatsApp trademark or intellectual property, then GitHub will remove the blocking before the official trial against the authors of the accused projects.
The application of these laws is somewhat different from the plan. In fact, it is often impossible to submit a counter-notification due to the fact that the corresponding form is hidden deep in the wilds of the site, or the developer does not manage to make a notification correctly without the help of a lawyer. In addition, the filing of counter-notifications with a high probability means a trial, so that there are expenses for a lawyer, which is not always possible.
Approximately for these reasons, Jimm Aspro and Jasmine IM have not yet returned to Google Play (already a year!), Although they promised to withdraw the first one in Mail.ru as soon as possible and explained it with an error.
I would like to finish with a screenshot from the same opennet:
But add a quote from reddit:
Disclaimer: only if you are something you are. If this is not the case, then drop everything - this is the first thing you should do. Otherwise, life will be really bad.
bitbucket.org/kanatsky/yowsup - a yowsup fork on the beatback, possibly outdated
bitbucket.org/kanatsky/wazapp - likewise, wazapp for Meego / Hartmann
bitbucket.org/davidgfnet/whatsapp-purple
Whatsapp DMCA Notice
WhatsApp began to pursue an aggressive policy against open solutions that implement its protocol.
This is reported by the developers of the project OpenWhatsApp, which is developing WhatsApp clients for Nokia N9 and Blackberry 10, where there are no official clients for WhatsApp.
At the request of the DMCA complaint, at the end of last week, Github removed over 35 open source repositories and, as WhatsApp lawyers promise, this is just the beginning.
Writing lib under WhatsApp - then lift Gitlab!
Doubts about the legal purity of the OpenWhatsapp project are generally justified, but there are a number of ethical and business objections to the measures taken.
Let's examine the history of the issue and the position of both sides.
')
Prehistory
So, on February 13, 2014, Tariq Galal wrote a post about mass removal of DMCA code. Note that the purchase offer was made on February 9, and the removal took place on the 12th. The relationship of these two events has not been established, I propose to assess the situation independently.
Tarik Galal is an Egyptian developer who emigrated to Berlin and spends a lot of time writing informal WhatsApp customers.
Initially, he started doing this when he realized that WhatsApp for Nokia N9 would never appear. This is how OpenWhatsapp appeared. Currently, the project has expanded with the BB10 version, since the official BlackBerry version has been ported from Android and, obviously, has drawbacks.
As a result of this gigantic work, OpenWhatsapp supports all the official WhatsApp features.
__
Upd: about Blackberry there are clarifications in the comments habrahabr.ru/post/212957/#comment_7331539
The project has grown and now consists of three parts:
yowsup - open cross-platform library that implements the protocol
wazapp - unofficial client for Meego / Harmattan
OpenWhatsappBB10 - unofficial client for Blackberry 10
These projects, among others, have also been removed from the githab.
OpenWhatsapp does not aspire to be a WhatsApp competitor. The project does not have its own servers, it does not interfere with WhatsApp billing and does not charge itself, it just works. Tariq Galal claims that he likes WhatsApp so much that he spends a lot of time just to have access to it on his favorite platforms.
The ultimate goal for the project is formulated after all on a larger scale: the OpenWhatsapp must be officially recognized, approved and supported by WhatsApp. Now, probably, only "would have to."
The number of users of the Nokia N9 developer is estimated at 200,000 people.
The number of WhatsApp users reached 430 million last month. Compare: Twitter recently counted 200 million active users. Twitter's IPO valuation was $ 13.6 billion.
At the same time, the goal of WhatsApp, let me remind you - " we want to be on every smartphone! "
The discrepancy between the actions of the company and its own program statements is also indicated in the topic about the purchase .
Action Position whatsapp
Squeeze out a DMCA complaint
Please accept this formal notice and request to remove the following content on GitHub. I start with this query to provide you with a sample solution for our requests. We will produce further requests, and the list below is not exhaustive.
...
The following URLs show unauthorized use of the WhatsApp name and logo, use of other WhatsApp content, unauthorized use of the WhatsApp API, and the provision of WhatsApp-related software and services that violate the WhatsApp trademark and the names of whatsapp and logo.
...
Respectfully,
General Counsel
Whatsapp inc
...
The following URLs show unauthorized use of the WhatsApp name and logo, use of other WhatsApp content, unauthorized use of the WhatsApp API, and the provision of WhatsApp-related software and services that violate the WhatsApp trademark and the names of whatsapp and logo.
...
Respectfully,
General Counsel
Whatsapp inc
Remote repository names
OpenWhatsappBB10, whatsapp-purple, node-whatsapp, whatsapp-conversation-burglar, wireshark-whatsapp, whatsapprelay, whatsapp-py, python-whatsapp WART, MissVenom, node-wa, mojowhatsup, yowsup-master, WhatsAPI, yowsup, wazapp, whatspoke, WhatsAPINet - noticed in the discussion on Reddit , but using the WhatsApp API is a killer argument in favor of the company. WhatsApp just did not give anyone this permission.
Debate of the parties. Opinion OpenWhatsApp
Tariq Galal: “Are they right in their demands? I am not a legal expert, but I’m not sure that there are any violations in the case of Wazapp. [Let me remind you, this is a client under Meego - approx. auth.] It does not have the word “WhatsApp” in its name, it carries a different icon, and does not contain code related to the operation of the WhatsApp service. You can not use it separately, it is just an interface, a wrapper to a separate library.
They did a good job collecting the entire list of open-source projects related to WhatsApp, but ... if the “attack” affected only open source projects, then I would like to know what they are going to do with it? ”
List of third-party applications using WhatsApp:
Reviews
With an estimate of the scale of add-ons over XMPP in WhatsApp, many are clearly mistaken: “Their API is just plain XMPP with minimal fiddling. Put a zhabber-server, you will have the same quality service, and not just freebies, but also without the banal NSA-shnogo probe ”,“ In fact, their service and their API is a regular Jabber. Where is the intellectual property? ”- say in the comments on OpenNet .
But here are more interesting opinions:
The problem is not that they took XMPP and used it. The problem is that they ran into projects that did nothing to them, opensource-projects. And we ran where, not in google-play, not in the appstore (or how is this garbage called?), But on github. On a resource intended for developers and advanced users. Do you want me to guess the percentage of WhatsApp users who went to github, cloned turnips, and then collected an application from it by a cross-compiler (or what is it written there, on a toad? I don’t even want to look) under Android? I think you get my point. Those. their users do not have any problems with finding their software, it is already in the markets, it is popular there and the first in the list of issues.
The person who came to github for their software will find it without problems, he knows where and why he came.
From the fact that 38 projects were thrown out with github, they will now have to look for other resources, if the developers do not score at all (which, of course, is unlikely, but still).
The action gives idiocy in that it is directed completely incomprehensible to whom and against whom. Just made a dirty trick to other developers.
> besides, I need the audience that sits in VatsApe
wake up managers from Whatsapp - stole your users from you.
if it were not for Whatsapp, then these users would sit on Jabber (for example? what if? as a last resort - on Google Hangout), and would not have to deal with hemorrhoids, but also pay extra 30 rubles a year to contact these by users.
WhatsApp privacy
About the scale of XMPP changes in WhatsApp, there is little accurate information. For example, one of the users on Reddit argues that the differences are insignificant:
It is not just “based” on XMPP. It is XMPP.
There are no other “changes” than the other.
It is deliberately designed.
And with WhatsApp encryption is really a problem. Just a couple of days ago, the media reported on Android malware, which determine the phone number according to WhatsApp login information. That is, this information is stored unencrypted.
The application without the knowledge of the user checks the phone number of the mobile device, connects to the web page and signs the victim to the service of expensive SMS. At the same time, the phone number is “stolen” from the popular application - WhatsApp. As soon as the user opens WhatsApp, the malicious application receives the phone number and saves it as part of the necessary data to synchronize the account.
According to data from Google Play, this application has been downloaded from 50,000 to 100,000 users. Other applications work exactly the same way, so it's safe to say that four malicious applications could infect from 300,000 to 1,200,000 users in general. At the moment, these four have already been removed from Google Play.
www.ferra.ru/ru/soft/news/2014/02/18/PandaLabs-Google-Play-WhatsApp
Previously unencrypted messages were also. The company claims to have fixed this problem, but it doesn’t specify how. It can be assumed that the company went the simplest way and included support for SSL / TLS, which can be used for a long time in XMPP.
Legal subtleties
According to US laws, a DMCA complaint can be challenged as easily as it is filed (counter notification, DMCA Counter-Notice) - if the project owner disagrees with the arguments about the infringement of the WhatsApp trademark or intellectual property, then GitHub will remove the blocking before the official trial against the authors of the accused projects.
The application of these laws is somewhat different from the plan. In fact, it is often impossible to submit a counter-notification due to the fact that the corresponding form is hidden deep in the wilds of the site, or the developer does not manage to make a notification correctly without the help of a lawyer. In addition, the filing of counter-notifications with a high probability means a trial, so that there are expenses for a lawyer, which is not always possible.
Approximately for these reasons, Jimm Aspro and Jasmine IM have not yet returned to Google Play (already a year!), Although they promised to withdraw the first one in Mail.ru as soon as possible and explained it with an error.
findings
I would like to finish with a screenshot from the same opennet:
But add a quote from reddit:
Give them your XMPP address, make sure you’re figuring out. (Disclaimer: it makes it a little bit more than a bit to make it.)Give them your XMPP address, make sure that Jingle and encryption work, and if they want anything from you, they will figure out how to find you.
Disclaimer: only if you are something you are. If this is not the case, then drop everything - this is the first thing you should do. Otherwise, life will be really bad.
Links and materials
bitbucket.org/kanatsky/yowsup - a yowsup fork on the beatback, possibly outdated
bitbucket.org/kanatsky/wazapp - likewise, wazapp for Meego / Hartmann
bitbucket.org/davidgfnet/whatsapp-purple
Whatsapp DMCA Notice
Source: https://habr.com/ru/post/212957/
All Articles