WhatsApp end-to-end encrypted backups rolling out ‘slowly’ | #ios | #apple | #iossecurity


Facebook CEO Mark Zuckerberg last month announced that WhatsApp end-to-end encrypted backups were on the way for those who like to store backups on cloud services like iCloud and Google Drive. That privacy feature is now “slowly” rolling out for both iOS and Android users.

Actual WhatsApp chats are always end-to-end encrypted, but this new feature means that any backups you choose to make get the same level of protection …

Zuckerberg made the announcement on his Facebook page.

While end-to-end encrypted messages you send and receive are stored on your device, many people also want a way to back up their chats in case they lose their phone. Starting today, we are making available an extra, optional layer of security to protect backups stored on Google Drive or iCloud with end-to-end encryption. No other global messaging service at this scale provides this level of security for their users’ messages, media, voice messages, video calls, and chat backups.

You can now secure your end-to-end encrypted backup with either a password of your choice or a 64-digit encryption key that only you know. Neither WhatsApp nor your backup service provider will be able to read your backups or access the key required to unlock it.

With more than 2 billion users, we are excited to give people more choices to protect their privacy. We will be rolling this feature out slowly to those with the latest version of WhatsApp. More information about how you can protect your chat backups with end-to-end encryption on iOS and Android can be found here, and more information about how we built it can be found here.

The company hasn’t said what “slow” rollout means, but it did say that it wants to do it carefully “to ensure a consistent and reliable user experience for people on iOS and Android around the world.”

The most common reason for creating backups is to ensure chats are safe if your devices are lost or stolen. Facebook does issue the obvious warning that E2E encrypted backups cannot be restored if you forget your password, as neither WhatsApp nor your cloud service will be able to decrypt the file.

Once the feature rolls out, open WhatsApp, go to Settings > Chats > Chat Backups > End-to-End Encrypted Backup, and then follow the prompts. If you don’t see the E2E option, then the feature hasn’t yet been rolled out to you.

If you’d like to understand more about how the feature works, there’s a white paper here, and an engineering blog here.

The move may increase pressure on Apple to introduce end-to-end encryption for iCloud backups of iPhones. Currently, backups are encrypted, but Apple holds a key. That is only ever used when presented with a valid court order, but it does create three vulnerabilities. First, not all governments respect human rights, so may issue court orders against political opponents. Second, someone within Apple with the necessary powers could snoop. Third, a hacker could potentially gain access.

A number of us had wondered whether Apple’s CSAM plans might have been a precursor to end-to-end encryption of iCloud backups, as on-device scanning would ensure these were detected before backups were created. The delay to the CSAM launch means that we’re still waiting to find out whether this might be the case.

In the meantime, a company with Facebook’s checkered reputation having a higher privacy standard than Apple when it comes to cloud backups has to sting a little.

FTC: We use income earning auto affiliate links. More.


Check out 9to5Mac on YouTube for more Apple news:



Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

+ forty three = 48