WhatsApp is one of the most trusted sites used by Gen Z. According to the company, more than half of Americans between the ages 18 and 35 have the app on their devices. It has also become a way for users to communicate abroad, as well as a more social environment than other messaging platforms as the app has rolled out community chats.
One notable reason why many users have flocked to the site is because it seems to prioritize security for users. However, this week, privacy concerns are being raised about a reported bug that affects WhatsApp’s “view once” feature.
“View once” is exactly what it sounds like. When a user sends a photo or video in the mode, the receiving viewer only gets to glimpse it one time before it disappears. The feature has been a part of the site since August 2021, and was enabled for voice messages later that year, too.
The Zengo X Research Team exposed the glitch this week in a blog post. “The Zengo X Research Team has discovered that WhatsApp’s ‘view once’ media feature, intended for increased privacy, is completely broken and can be trivially bypassed,” researcher Tal Be’ery wrote. The blog noted that the team notified Meta of the bug, but felt it was important to explain it to users, as it was already “exploited in the wild.”
The blog post lays out the issue in layman’s terms, as well as technical ones. But essentially, the researchers’ findings showed that “view once” is not terribly difficult to skirt. A number of Reddit threads explain just how to do so by using certain browser extensions aimed to disable the viewing mode, among other seemingly simple methods.
“When we looked into the implementation details we were very surprised to find that although ‘view once’ is meant to be limited to platforms in which the app can control its displayed content and prevent other processes from abusing it, it is not enforced by WhatsApp’s API server. As a result, a client on any platform can download the message and make the ‘view once’ promise void.”
WhatsApp does note that “view once” isn’t totally fool-proof. “Remember that there are other ways your ‘view once’ media or voice message can be saved,” the site explains. “For example, recipients can take a photo or video of your ‘view once’ media with a camera or other device before it disappears.”
Privacy and security have certainly been selling points of the app. Its privacy features have included end-to-end encryption, security codes, a “chat lock” feature, “view once,” automatic spam detection, and more.
The site, which recently rolled out a new design, hasn’t addressed a plan to fix the security issue, but told TechCrunch that more updates are coming. “We are already in the process of rolling out updates to ‘view once’ on web. We continue to encourage users to only send ‘view once’ messages to people they know and trust,” WhatsApp spokesperson Zade Alsawah said in a statement.
Fast Company reached out to WhatsApp in an email but did not hear back by time of publishing.
Melden Sie sich an, um einen Kommentar hinzuzufügen
Andere Beiträge in dieser Gruppe
Sensitive financial and health data belonging to millions of
Dating apps are a notoriously
Slightly under 10 years ago, when I reviewed a new Apple MacBook, I devoted a surprising percentage of my wordage to its port.
WeWard, an app that offers real-world rewards for walking, announced Wednesday it’s signed tennis champ Venus Williams as an investor and ambassador
When Netflix reality show Dubai Bling debuted in 2022, it became a global sensation, garnering viewers across 51 countries. And it’s kept up the momentum: The show’s recently
Quantum researchers are in a race for qubits, and Microsoft is in the thick of the competition.
Microsoft has spent the last 20 years pursuing a topological approach to quantum developme
It’s been a year since Intuitive Machines (IM) made history with the first private soft landing and first
