Security News

WhatsApp announced today that it had expanded the privacy control features with the addition of default disappearing messages for all newly initiated chats. Today, with the launch of default disappearing messages, the company also added two new durations that allow setting up messages to disappear after 24 hours or 90 days.

Spyware maker NSO Group cannot use its government clients to shield itself from litigation, a US appeals court ruled on Monday, a decision that allows WhatsApp's lawsuit against the Israel-based firm to resume. In 2019, Facebook and its WhatsApp subsidiary sued NSO claiming the firm's intrusion software, known as Pegasus, was used to unlawfully compromise the accounts of WhatsApp customers.

Element, which makes Matrix-based communications and collaboration tools, has launched a consumer-oriented version of its messaging platform, complete with bridges for WhatsApp, Signal and Telegram. Over the months it has introduced supported bridging tech to allow enterprise users to message users on other platforms such as Slack, Teams and WhatsApp.

WhatsApp is rolling out end-to-end encrypted chat backups on iOS and Android to prevent anyone from accessing your chats, regardless of where they are stored. Currently, WhatsApp allows you to create backups of all your chats and store them on online storage services.

Facebook's WhatsApp on Thursday began a global rollout of end-to-end encryption for message backups, which offers Android and iOS users with the ability to protect WhatsApp messages stored in Google Drive and Apple iCloud. WhatsApp claims no other similarly large global messaging service provides E2E encryption for users' stored communications and media - WhatsApp has more than 2bn users and in some regions serves as the de facto communications platform.

Facebook, Instagram, and WhatsApp are starting to come back online after a BGP routing issue caused an over five-hour worldwide outage. As explained by Giorgio Bonfiglio, a Principal TAM at Amazon AWS, various Facebook routing prefixes had suddenly disappeared from the Internet's BGP routing tables, effectively making it impossible to connect to any services hosted on their IP addresses.

As of Monday afternoon, Facebook had been flat on its face for hours, suffering a simultaneous worldwide outage not only on its main site, but also at its Instagram, WhatsApp, Messenger and Oculus VR subsidiaries. The New York Times reported that Facebook's internal communications platform, Workplace, was also dragged offline, "Leaving most employees unable to do their jobs." It's been a thumb-twiddling afternoon, the Times reported, with two Facebook employees comparing it to a "Snow day."

Users worldwide are reporting that they are unable to access Facebook, Instagram, and WhatsApp, instead seeing errors that the sites can't be reached. When attempting to open any of the three sites, they are given DNS PROBE FINISHED NXDOMAIN errors and advised to check if there is a typo in the domain entered in the address bar.

End-to-end encryption isn't designed to secure messages against the intended recipients. New revelations about WhatsApp's moderator access to messages last week might seem like they run counter to the company's privacy-forward brand, but a closer look shows the messaging service's privacy protections remain in place and are operating as intended.

WhatsApp on Friday announced it will roll out support for end-to-end encrypted chat backups on the cloud for Android and iOS users, paving the way for storing information such as chat messages and photos in Apple iCloud or Google Drive in a cryptographically secure manner. "With the introduction of end-to-end encrypted backups, WhatsApp has created an HSM based Backup Key Vault to securely store per-user encryption keys for user backups in tamper-resistant storage, thus ensuring stronger security of users' message history," the company said in a whitepaper.