Experimental News Clipping Site

The Register: WhatsApp finally fixes View Once flaw that allowed theft of supposedly vanishing pics

by

system automation
in

Source URL: https://www.theregister.com/2024/12/10/whatsapp_view_once/
Source: The Register
Title: WhatsApp finally fixes View Once flaw that allowed theft of supposedly vanishing pics

Feedly Summary: And it only took four months, tut
WhatsApp has fixed a problem with its View Once feature, designed to protect people’s privacy with automatically disappearing pictures and videos.…

AI Summary and Description: Yes

Summary: The recent fix by WhatsApp for its View Once feature highlights ongoing challenges in privacy protection for disappearing messages. Initial flaws in the mechanism that allowed bypassing of privacy controls prompted updates, demonstrating the importance of transparency and user trust in app updates for security.

Detailed Description:
WhatsApp’s enhancement of its View Once feature—intended to allow media to self-delete after being viewed—illustrates critical developments in privacy tools within messaging platforms. Although initially introduced in 2021, the feature had a vulnerability that could let users access disappearing messages through specific web clients and browser extensions. Here are major points of significance:

– **Flaw in Privacy Mechanism**: Researchers identified that the View Once feature could be easily circumvented via certain rogue browser extensions, which undermined user privacy expectations.

– **Response to Vulnerability**: WhatsApp quickly issued a fix but reportedly fell short initially, still allowing some media to be accessed post-vanishing.

– **Recent Updates**: The latest software update claims to fully address the identified vulnerabilities, blocking rogue extensions from retrieving disappearing media.

– **Ongoing Commitments**: WhatsApp emphasizes its commitment to enhancing privacy protocols continuously, urging users to keep their app updated and only to share disappearing media with trusted contacts.

– **Acknowledgment from Researchers**: The co-founder of Zengo, the firm that uncovered the initial flaw, recognized the improvements stemming from their responsible disclosure, indicating a collaborative effort between security researchers and companies to enhance user safety.

This situation serves as a reminder for security professionals about the necessity of vigilance in app security practices and the need for effective communication about privacy features from developers to users. Moreover, it emphasizes the critical nature of updates in curbing security vulnerabilities quickly and effectively.