WhatsApp is one of the most trusted sites used by Gen Z. According to the company, more than half of Americans between the ages 18 and 35 have the app on their devices. It has also become a way for users to communicate abroad, as well as a more social environment than other messaging platforms as the app has rolled out community chats.
One notable reason why many users have flocked to the site is because it seems to prioritize security for users. However, this week, privacy concerns are being raised about a reported bug that affects WhatsApp’s “view once” feature.
“View once” is exactly what it sounds like. When a user sends a photo or video in the mode, the receiving viewer only gets to glimpse it one time before it disappears. The feature has been a part of the site since August 2021, and was enabled for voice messages later that year, too.
The Zengo X Research Team exposed the glitch this week in a blog post. “The Zengo X Research Team has discovered that WhatsApp’s ‘view once’ media feature, intended for increased privacy, is completely broken and can be trivially bypassed,” researcher Tal Be’ery wrote. The blog noted that the team notified Meta of the bug, but felt it was important to explain it to users, as it was already “exploited in the wild.”
The blog post lays out the issue in layman’s terms, as well as technical ones. But essentially, the researchers’ findings showed that “view once” is not terribly difficult to skirt. A number of Reddit threads explain just how to do so by using certain browser extensions aimed to disable the viewing mode, among other seemingly simple methods.
“When we looked into the implementation details we were very surprised to find that although ‘view once’ is meant to be limited to platforms in which the app can control its displayed content and prevent other processes from abusing it, it is not enforced by WhatsApp’s API server. As a result, a client on any platform can download the message and make the ‘view once’ promise void.”
WhatsApp does note that “view once” isn’t totally fool-proof. “Remember that there are other ways your ‘view once’ media or voice message can be saved,” the site explains. “For example, recipients can take a photo or video of your ‘view once’ media with a camera or other device before it disappears.”
Privacy and security have certainly been selling points of the app. Its privacy features have included end-to-end encryption, security codes, a “chat lock” feature, “view once,” automatic spam detection, and more.
The site, which recently rolled out a new design, hasn’t addressed a plan to fix the security issue, but told TechCrunch that more updates are coming. “We are already in the process of rolling out updates to ‘view once’ on web. We continue to encourage users to only send ‘view once’ messages to people they know and trust,” WhatsApp spokesperson Zade Alsawah said in a statement.
Fast Company reached out to WhatsApp in an email but did not hear back by time of publishing.
Connectez-vous pour ajouter un commentaire
Autres messages de ce groupe
Twitter cofounder Jack Dorsey is back with a new app that tracks sun exposure and vitamin D levels.
Sun Day uses location-based data to show the current UV index, the day’s high, and add
AI chatbot therapists have made plenty of headlines in recent months—s
The latest version of Elon Musk’s artificial intelligence chatbot Grok is echoing the views of its
When an emergency happens in Collier County, Florida, the
A gleaming Belle from Beauty and the Beast glided along the exhibition floor at last year’s San Diego Comic-Con adorned in a yellow corseted gown with cascading satin folds. She could bare
The internet wasn’t born whole—it came together from parts. Most know of ARPANET, the internet’s most famous precursor, but it was always limited strictly to government use. It was NSFNET that bro
