"The feature, similar to Lockdown Mode in Apple iOS and Advanced Protection in Android, aims to protect individuals, such as journalists or public-facing figures, from sophisticated spyware by trading some functionality for enhanced security. Once this security mode is enabled, some of the account settings will be locked to the most restrictive options, while simultaneously blocking attachments and media from people not in a user's contacts."
""This lockdown-style feature bolsters your security on WhatsApp even further with just a few taps by locking your account to the most restrictive settings like automatically blocking attachments and media from unknown senders, silencing calls from people you don't know, and restricting other settings that may limit how the app works," Meta said."
"In tandem, the social media giant said it's adopting the use of the Rust programming language in its media sharing functionality to help keep users' photos, videos, and messages safe from spyware attacks. It described the development as the "largest rollout globally of any library written in Rust." The company also said the use of Rust made it possible to develop a secure, high-performance, cross-platform library ("wamedia") for media sharing in WhatsApp across devices, adding it's investing in a three-pronged approach to combat memory safety issues -"
WhatsApp introduces Strict Account Settings to secure high-risk users by locking certain settings to the most restrictive options and blocking attachments and media from unknown contacts. Users can enable the mode via Settings > Privacy > Advanced, with a gradual rollout over the coming weeks. WhatsApp also adopts Rust for media sharing and deploys a cross-platform "wamedia" library, representing a large global Rust deployment. The strategy pairs Rust adoption with measures to minimize attack surface, invest in security assurance for remaining C/C++ code, and default to memory-safe languages for new code. Additional protections include CFI, hardened memory allocators, and safer buffer handling.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]