Iran asks its people to delete WhatsApp from their devices
206 comments
·June 17, 2025rdrd
Saris
If you read around their points, it sounds like they track general location, log group messages, and provide specific information on request to a government.
perihelions
Meta can also just lie about it. If they were secretly granting backdoor root access to some NSA spooks, like Microsoft did with PRISM or AT&T did with 641A, most likely no one would find out, so, there'd be zero actual downside to simply lying.
lurk2
> like Microsoft did with PRISM or AT&T did with 641A, most likely no one would find out
People did find out.
EGreg
They usually just do a mea culpa:
Camera: https://www.bitdefender.com/en-us/blog/hotforsecurity/facebo...
Audio: https://news.ycombinator.com/item?id=41424016
Conversations: https://www.vice.com/en/article/facebook-said-it-wasnt-liste...
Mass surveillance: https://thehill.com/video/facebook-spying-on-users-new-repor...
Across the web: https://www.wired.com/story/ways-facebook-tracks-you-limit-i...
Beacon: https://www.wired.com/2007/12/facebook-ceo-apologizes-lets-u...
Apps: https://www.theguardian.com/news/2018/mar/17/cambridge-analy...
People who aren't even on facebook: https://www.vox.com/2018/4/20/17254312/facebook-shadow-profi...
Others do it too, e.g. Amazon: https://www.bloomberg.com/news/articles/2019-04-10/is-anyone...
But Facebook has always been on a whole other level
https://www.theguardian.com/technology/2018/apr/17/facebook-...
bboygravity
"'specific information request to government" == fully automated requests for literally everything all the time.
changoplatanero
I think group messages would still be considered personal. It would only be messages you send to a business or in a group with a business that wouldn't be personal.
cess11
They're under the CLOUD Act, doesn't matter what their policies say.
mgraczyk
And they are legally required to do this in most places
luis8
I don't know why you are being downvoted.
https://transparency.meta.com/reports/government-data-reques...
They can't see your messages but then can give ips or accounts that can be inferred to be related given the info meta has access to
zug_zug
This is just a lie. I personally know somebody who worked at meta and they had a whole set of teams dedicated to building tools for governments to mass-export data based on their queries
Now I don't know the exact details of which governments had which access (was it just for warrants, which nations, what was the line between actual terrorist versus persecuting journalists), but there was absolutely bulk export and the fact that they are lying about it makes me inclined to presume the worst.
beejiu
Re: "we don’t keep logs of who everyone is messaging"
From https://faq.whatsapp.com/444002211197967/?locale=en_US:
> In the ordinary course of providing our service, WhatsApp does not store messages once they are delivered or transaction logs of such delivered messages. Undelivered messages are deleted from our servers after 30 days. As stated in the WhatsApp Privacy Policy, we may collect, use, preserve, and share user information if we have a good-faith belief that it is reasonably necessary to (a) keep our users safe, (b) detect, investigate, and prevent illegal activity, (c) respond to legal process, or to government requests, (d) enforce our Terms and policies. This may include information about how some users interact with others on our service. We also offer end-to-end encryption for our services, which is always activated. End-to-end encryption means that messages are encrypted to protect against WhatsApp and third parties from reading them. Additional information about WhatsApp's security can be found here.
Note specifically "information about how some users interact with others on our service", which contradicts their claim they don't keep logs of which people are messaging each other.
cibyr
I think rdrd just missed that piece of the fine wordsmithing - so long as there's at least one person not included in that "some users", then "we don’t keep logs of who EVERYONE is messaging" is still true.
pinoy420
[dead]
SoftTalker
This is the company that built a secret localhost listener on Android so that they could track users across websites even in private mode. Do not believe this for a second.
I'm much more inclined to believe they track everything in high precision and also MITM all the messages. Especially now that they are inserting ads.
NitpickLawyer
They don't need meta's cooperation for this, they can burn one of their 0-click 0-day exploits and target everyone they need to.
edm0nd
Additionally the NSA has all Meta and WhatsApp servers directly tapped and can just harvest data, oops i mean 'meta data', that way. Then just pass that info to Israel when their internal systems get an alert on good intel.
lowwave
> Then just pass that info to Israel when their internal systems get an alert on good intel.
And on top of that if you want make any money with company like X, you need to send your biometrics to some company in Israel. What is this Israel and surveillance capitalism? Or has this always being the case, and I am just now start to realizing it.
have-a-break
[dead]
ALLTaken
Wow that is next level WORD SMITHERY!!
Zuck dribbled and 3D Chessed the Law
META DATA. Literally they did say truthfully they "only" read all the Meta Data, which is actually all data of the company Meta.
dataflow
Aren't push notifications logged and used for getting people's data? This was in the news over a year ago: https://www.wired.com/story/apple-google-push-notification-s...
eddythompson80
In general, all your personal information stored with Google or Apple or any other American company is subject to getting requested by a court order. If you listen to any of the True Crime podcasts, you'll always hear how google searches and cell tower location are always presented in a trial as evidence. People here always think they are so smart saying
> Actualllly you can't prove that it was me who made that search query.
> Actualllly you can't prove that it was me who had that cellphone around that cell tower. Could have been anybody. I could have been hacked.
Judges always allow those evidence and jury always views it as incriminating. What makes more sense, that some unknown hacker hacked into your account and googled something about the thing you're here for, or that you actually just googled it yourself?
dash2
This, also “logs of who EVERYONE is messaging”
imjonse
"we don’t keep logs of who EVERYONE is messaging"
just selected people then?
beejiu
Yep, they confirm it here: https://faq.whatsapp.com/444002211197967/?locale=en_US
"This may include information about how some users interact with others on our service."
netsharc
"We don't log whom Zuck is messaging, and therefore the statement 'we don't keep logs of who[m] everyone is messaging' is mathematically true!"
lordofgibbons
> WhatsApp uses end-to-end encryption, meaning a service provider in the middle can’t read a message.
I wish this meme that "whatsapp is secure because it uses e2e encryption" would die.
Why does it matter if the messages are e2e encrypted if the messages are managed on the two ends of the channel by a closed source binary that does who-knows-what.
The whatsapp app itself sees the clear text message. What it does with that information... or what "metadata" it extracts to send to their servers.. who knows.
miki123211
Considering how popular WhatsApp is, it's very hard to believe that there are no security researchers reverse-engineering its crypto code.
Because WhatsApp uses end-to-end encryption, any backdoor must necessarily be on the client side, and all client-side code can ultimately be reverse-engineered. This makes such backdoors very tricky to implement.
With that said, while I think a "general backdoor" (one that weakens the crypto algorithms so much that all messages can ultimately be read by Meta) is super unlikely, a "vulnerability" in some image parsing library, designed and implemented by the NSA, and only used on the most interesting targets... now that's a different story.
simpaticoder
I think the real reason people don't take supply chain endpoint security seriously is that it too quickly regresses to distrust of the OS and hardware. At that point you abandon smartphones entirely.
SecretDreams
> At that point you abandon smartphones entirely.
Right into my veins
Am4TIfIsER0ppos
You should! They are government surveillance devices that broadcast their position at all times along with every bit of data they gather from their array of sensors: gyro, mic, camera, radio
stefan_
Thats the paranoid answer. The much simpler answer is that you don't maintain the software on it; updates are done silently by whatever the hardware vendor decides passes their muster (or motive).
ajross
> Why does it matter if the messages are e2e encrypted if the messages are managed on the two ends of the channel by a closed source binary that does who-knows-what.
Would you prefer your dissident messages be read by Meta Corporation or the Islamic Republic of Iran? That's the difference.
No, there's no technical difference in the sense that neither solution can be verified to be probably secure vs. third party inspection. But in the real world the specifics of who the actors are are and the tactics they are known to employ are absolutely part of the threat model.
tmnvix
> Would you prefer your dissident messages be read by Meta Corporation or the Islamic Republic of Iran?
I'd prefer my messages to not be available to an actor shown to be using AI to select targets for bombing campaigns.
MitPitt
> read by Meta Corporation or
Neither please! Corpos can obviously sell out or be pressured into giving out info to all sorts of agencies
ajross
That's not responsive, though. The point is there are actual human beings in a war zone under a repressive regime making decisions about software. And they aren't interested in your abstract idea about "corpos" being "pressured". They want not to be snatched by the secret police. Please.
pier25
Israel doesn't even need Whatsapp to be installed.
The IDF's Unit 8200[1] can probably hack most phones in Iran. And if not any of the private companies selling spyware software like the NSO Group[2 and 3].
[1] https://en.wikipedia.org/wiki/Unit_8200
[2] https://en.wikipedia.org/wiki/NSO_Group
[3] https://mepc.org/commentaries/israeli-cyber-companies-overvi...
monero-xmr
I had a coworker from Iran and he said every single computer just runs the same cracked Windows XP version translated into Farsi. Easy to exploit
pier25
No wonder they got into Natanz with stuxnet.
I recommend the documentary Zero Days from 2016 to anyone remotely interested on this.
anonnon
> No wonder they got into Natanz with stuxnet.
While the PCs used to program the PLCs were running XP, the 0-day that Stuxnet exploited affected all versions of Windows, at least from 2000 onwards, including 2008 and Vista.
EDIT: to clarify, the PCs "programmed" the PLCs indirectly, in that while they ran the Siemans STEP 7 IDE to design the centrifuges' control process, the resulting PLC programs were manually transported to the PLCs via USB devices, so there were two airgaps: the XP-running PCs airgapped from the outside world, and then another airgap between the PCs and the PLCs they programmed.
have-a-break
[dead]
TacticalCoder
[dead]
yuvalr1
I'm surprised reading that the Iranian's regime concerns are centered on WhatsApp sharing information with Israel. It is much more likely that WhatsApp have 0-day vulnerabilities used by the Mossad to gain the info than WhatsApp actively sharing it.
yuvalr1
> Iran banned WhatsApp and Google Play in 2022 during mass protests against the government
So more than fearing Israel, they actually fear the public that has an encrypted communication channel that can't be tapped by their police. Explains a lot.
baybal2
[dead]
throw737484848
[flagged]
Ecstatify
Do you have a source for this?
mensetmanusman
He is a US citizen, not an Israeli.
jonplackett
They are probably concerned it would be the platform of choice to communicate during a revolution that Israel is outspokenly trying to foment.
anticodon
Russian soldiers participating in SMO reported multiple times that after they exchange texts and photos with their relatives in WhatsApp, that information ends up in Ukrainian military HQs next day. With photos. And later used, for example, to harass the relatives of the soldier.
Could be some other mechanism (e.g. Google Drive or some other kind of malware), hard to be sure in the world, where since 2011 Snowden's revelations, bugs are placed my NSA and CIA everywhere, starting from hardware and firmware.
MoonGhost
> Could be some other mechanism
if it was it would be true for telegram as well.
luckylion
Russian soldiers chatting with their family know what precisely happens in the Ukrainian military HQ the next day? That sounds too crazy to be even remotely true, and too convenient a story ("they are harassing your family, go murder someone").
bartekpacia
> Russian soldiers participating in SMO
Russian soldiers participating in the invasion of Ukraine. FTFY.
bravoetch
Anyone in Iran that can comment on this? What are citizens there thinking about WhatsApp?
hexomancer
Iranian here. Most Iranians use Telegram or Whatsapp, both of which are blocked right now and can only be used using VPNs (they have been blocked for years, though whatsapp was unblocked a few months ago, but it is blocked again after the Israel attack). I don't think many Iranians believe, or care about what the regime says, though there is a small minority of regime supporters that might, but they probably were not using whatsapp to begin with.
Though I must say, the regime itself seems to really believe this, for example there was some news that high-ranking officials are now banned from using electronic devices that connect to the internet like mobile phones.
null
cess11
I don't know but they have local alternatives, the iranians have a bridge protocol that federates several services:
rasz
Delete this app that lets you organize aka "please dont overthrow us".
mupuff1234
I'd like to think that it's because WhatsApp is adding ads.
rasz
9 out of 10 dentists recommend overthrowing your oppressive regime.
CommanderData
There's good reason to believe lots of western apps have back doors, if not backdoors served to countries like Iran from app stores.
Also car tech and cameras. Literally a wet dream if I worked at a three letter agency, real time surveillance of streets which is actually extremely difficult normally. Can't think of how many times I've wanted a recent picture of a street or house miles away, with 360 car cameras you can track people, see changes maybe from just minutes ago.
I don't know why these countries don't block or mandate these features are completely turned off.
bevr1337
> There's good reason to believe lots of western apps have back doors
A common sentiment in this thread. My gut and practical experience both tell me this is true on some level, but how do folks distinguish tinfoil hat conspiracy from legitimate speculation?
CommanderData
Probably because it's fairly difficult to detect. I doubt the code imports backdoor.dll.
The UK now has laws to gag domestic companies and force them to implement backdoors.
v5v3
Did you read all the Snowden files?
The NSA, and it's partners, capabilities and the lengths it is willing to go to are staggering.
krapp
>but how do folks distinguish tinfoil hat conspiracy from legitimate speculation?
Plausibility and evidence, for which there's plenty in this case.
Although it seems less likely to me that Western apps have backdoors and more likely that Western law enforcement and intelligence have free access to the data, but it's probably both.
bevr1337
> more likely that Western law enforcement and intelligence have free access to the data
This I have firsthand experience with and agree. Why invest effort when agencies can simply take what they want?
lenerdenator
All of this to avoid saying "We'd be fine with you existing within your pre-1967 borders."
JumpCrisscross
Do you see an out for Khamenei et al? They can’t credibly dismantle their nuclear deterrent and expect to keep their heads. Israel and America cannot accept it, particularly now that its conventional defences have been shown ineffective.
The classic approach, airlifting the Ayatollah to a dacha in Moscow while the IRGC saves face and plots a forever path to new elections, falls apart when you consider how Iran’s internal security and geopolitical alignment would need to be sculpted in a way that would satisfy the great powers. (Iranian crude fuels China’s refineries.)
krisoft
> They can’t credibly dismantle their nuclear deterrent
Mainly because they don’t have one and never had one. Hard to dismantle something you don’t have. Even harder to do so credibly.
They had programs to obtain a nuclear deterrent. They can dismantle those programs. But they never had the actual nuclear deterrent itself.
JumpCrisscross
Sure, I mean that Khamenei can’t come out and say he’s shutting down enrichment, letting in the IAEA, actually do it and expect to stay in charge.
anon291
I'm not sure why we should be 'fine' with people existing in their pre-1967 borders. I'm not advocating any military action, but the idea that we should just shrug while a great classical civilization's entire history and archaeology are being held hostage by iconoclastic religious zealots is not something any humanitarian should just shrug at.
Lordarminius
All the major social media and messaging platforms are compromised and serve as tools for surveillance, so the Iranian government isn't wrong.
mkoubaa
Not wrong, but Meta in particular is uniquely compliant to the wishes of state actors.
ranger_danger
Source:
Synaesthesia
The Snowden leaks revealed the PRISM program, whereby major tech companies like Facebook, Apple etc all collaborate with the US government. No reason to believe that's still not in place.
hypeatei
FISA, Room 641A, Patriot Act.
Jackpillar
lol "source?" man I really hate you nerds. Idk read a book or an article since like 2008 that isn't tech crunch. Keep up so we can have adult conversations
null
fuzzer371
[flagged]
Lordarminius
[flagged]
ty6853
Iraq and Gaza was an absolute joke compared to what it would take to topple the Iranian militants, militias, and government.
Much of the terrain is similar to Afghanistan. Tribal islamic alliances are resilient against loss of central governance. There is a massive porous mountainous border to 2+ countries that conceivably will look the other way for certain islamic militants.
I know everyone wants to gobble down the campaign about complete air superiority and toppling of leaders, and that WhatsApp may be separating the regime from 52 virgins, but realize this is a propaganda campaign. This initial propaganda only serves to manufacture consent long enough to buy citizens in to blood so they can't back out. We're in the process of being tricked.
Buttons840
Iran has their terrorist group proxies throughout the region. I think there's some truth to this, although the actions of some truly rogue terrorist groups probably get blamed on Iran because it's been the zeitgeist for a few decades to find reasons to attack Iran.
Whatever the case, the current Iran regime hasn't given nuclear material, chemical weapons, or biological weapons to these terror groups.
If the current Iran regime is eliminated from afar, with some fly-by bombings or whatever, what happens in the chaos that follows? Nuclear material and other weapons do not poof out of existance when the government that created them falls. Which group will control the nuclear material going forward? Roll the dice to find out.
seydor
Tribal?
fakedang
LoL exactly what I thought. Persians are extremely proud of being NOT tribal, unlike their Azeri, Afghani, Turkmeni or Tajik neighbours. Most Persians consider themselves proud inheritors of the Achaemenid and Sassanid Empires.
JumpCrisscross
> Iraq and Gaza was an absolute joke compared to what it would take to topple the Iranian militants, militias, and government
It wouldn't be a cake walk. But America could topple the government in Tehran about as easily as it did in Baghdad or, frankly, Kabul. The problem in Iraq and Afghanistan wasn't a failure to decapitate the opposing state. It was in filling the vacuum that left.
msgodel
Why are we toppling all these foreign governments and creating instability that breads terrorism in places that otherwise have nothing to do with us?
This seems so exceptionally counter productive.
mandevil
Afghanistan was in the middle of a semi-active civil war when the US joined the fray, and by providing large scale air support to Northern Alliance troops on the ground, the situation changed abruptly. Iraq involved multiple US divisions of troops, which took months to get into position to launch a large scale ground invasion. Libya was in the middle of a very active civil war when the US started Operation Odyssey Dawn(1).
All of those cases involved a whole lot of troops on the ground, which is something that I see as notably missing from any plans discussed so far. Outside troops invading seems like a very bad idea, because Iran's population is about that of those other three combined. Operating sufficient outside country ground troops to topple the existing government would quickly lead to friction between civilians and the outside troops, which would almost certainly quickly turn into a revolt of some kind, and fatally undermine any government they attempted to put in place. Also, it would take a very long time for sufficient US force to topple the Iranian government to arrive in the area, and then either launch a D-Day style opposed amphibious assault or operate from one of Iran's neighbors with sea access (2). But because there is no preexisting Iranian civil war, there is no local source of ground troops either.
I don't think we've ever seen a government toppled by external air-strikes alone. The general consensus from research is that being bombed makes citizens support the government more, not weaken their resolve.
1: It didn't lead to change of government, but Operation Allied Force- the NATO bombing of Serbia helped the Kosovo Liberation Army achieve their independence- again air-power supporting troops on the ground to achieve an aim, not air-power alone. What eventually toppled the government of Serbia was the Bulldozer Revolution a year later, with no outside military force involved.
2: Your choices are not going to be good ones. Iraq? Turkey through Kurdistan? Pakistan?
v5v3
Iraq and Afghanistan lacked friends though.
Iranian Regime has strong backing from Brics and others.
candiddevmike
America really can't afford this right now. We spent _trillions_ on the last middle east operation.
kibibu
Those things didn't seem very easy.
Lordarminius
Baghdad and Kabul had nowhere near the military capabilities of the Iranians who can close shipping lanes, sink US warships and attack military bases and oil installations in the region, in addition to devastating all the major Israeli cities. In the chaos that ensues, the Chinese and Russians would move in and take advantage. The global economy would grind to a halt and America would spiral into a depression that would take at least a decade to recover from.
null
keybored
> I know everyone wants to gobble down the campaign about complete air superiority and toppling of leaders, and that WhatsApp may be separating the regime from 52 virgins, but realize this is a propaganda campaign. This initial propaganda only serves to manufacture consent long enough to buy citizens in to blood so they can't back out. We're in the process of being tricked.
Everyone wants to gobble down... I.e. here’s another invasion war but it’s our ally this time so it’s good actually. They’re gonna dezanify^W de-islamism Iran.
ranger_danger
Anyone have a non-captcha-looped source?
geor9e
It's the Associated Press, so googling the headline will reveal hundreds of syndicates. Same for Reuters.
soccstyleway
[flagged]
I find the wordsmithery on Meta's statement the most interesting:
“We do not track your *PRECISE* location, we don’t keep logs of who everyone is messaging and we do not track the *PERSONAL* messages people are sending one another," it added. “We do not provide *BULK* information to any government.”