WhatsApp webtogo

A friend of mine has WhatsApp and wants me to communicate through it. I don’t know if its privacy risk. If I got WhatsApp webtogo here can I contact her on her WhatsApp?

And is whatsapp webtogo trustworthy?
Must be OK as it’s here?

1 Like

The app uses your device Webview so make sure this is up to date.

The source code is pretty simple: WhatsappWebToGo/app/src/main/java/io/kuenzler/whatsappwebtogo at master · 92lleo/WhatsappWebToGo · GitHub

It is here because it is open source…

That’s mostly up to you

At the moment, it appears it connects to the right site: WhatsappWebToGo/app/src/main/java/io/kuenzler/whatsappwebtogo/WebviewActivity.java at master · 92lleo/WhatsappWebToGo · GitHub

Offtopic, better steer them out of that proprietary silo and on to an open ecosystem like XMPP (Quicksy is pretty easy to setup with a phone number based account and you can use Conversations to talk with them; if they’re on iOS Monal works fine, etc) or Matrix (see Element etc)

1 Like

Maybe you already thought of a firewall - get RethinkDNS, set the app to whitelist mode (aka Isolated), trust / deny domains found in the network log. IIRC, the official WhatsApp needs that bypassing the DNS is allowed in the Rethink settings.

I have not used WAWTG, but I think you still need the official app once, to make an account.

If you’re a sysadmin, you can self-host Matrix Synapse + the WhatsApp bridge. Then install Element on the phone. Maintaining Synapse is a lot of work though.

Also keep an eye on Europe’s Digital Markets Act, see the Matrix blog post. WA will be obligated to open and document the endpoints, so that third-party clients (which probably will pop up anywhere like mushrooms) can do E2EE encrypted chats: 1:1 chats since March 2024, group chats since a couple years later. News journals report that the beta has this experimental tab for federated chats.

I would not hold my breath lol

fixxed :wink:

Sorry for the OT, but a respectable FLOSS enthusiast and pillar of F-droid remarks against Matrix on any chance, as if people care of F-droid but not of vendor lock-in. You know I like to explain F-droid patiently to the distrustful upstreams, hope you don’t see me as a fool merrily oblivious to The Truth. Matrix is the name of these discussions and these summaries to cleanly upstream / merge the features from the official and the unofficial clients into 1-2 documents from here, with paranoia about backward- and forward-compat and corner cases. Everything else is the ecosystem. Yes they do not (but must) tell where an awful lot of money has gone, yes the self-hosting big guys couldn’t care less - FOSDEM every year, German military and government, France govt, Sweden govt. As XMPP is not E2EE by default cross-platform-wise, and the supported feature sets do not match across clients, how is it going to take a clueless user away from WA.

Does the webview need to run nonfree javascript for the app to function?

Though I am not aware of the answer, however you can use any open source and hardened webview like Bromite. That works too.

No you can’t, you can only use what you ROM provides…

Bromite also hasn’t been updated since December of 2022: https://divestos.org/misc/ch-dates.txt

Sure, using a free webview would be nice. But that is independent any required nonfree javascript (if any), which is the same, as far as freedom is concerned, as running an app compiled from nonfree Java/Kotlin code. Does f-droid vet this part when approving an app?

Not exactly. True with exception in phones & models. I have been able to change webview in many of my phones even when not rooted. I used to have Bromite webview only that time. But since its development stopped and since then I had my phone changed too I have been on foogle webview unfortunately.

Yup, know that. Was just citing as an example of different webview client/wrapper.

99.99999999% of users can’t, you know that…

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.