Meta announced new Strict Account Settings on WhatsApp to better protect high-risk users from advanced cyber attacks.
Meta announced new Strict Account Settings on WhatsApp to enhance the security of high-risk users from advanced, targeted cyber attacks.
“Strict Account Settings is one of many ways we’re working to protect you from the most sophisticated of cyber threats.” reads the announcement. “We’ve also rolled out a programming language called Rust behind the scenes to help keep your photos, videos, and messages safe from things like spyware, so you can share and chat with confidence.”
Strict Account Settings is a new lockdown-style security feature that applies the most restrictive privacy settings, limits how the app works, and blocks attachments or media from people not in your contacts. The company announced that the feature will roll out gradually and can be enabled via Settings > Privacy > Advanced.
“This lockdown-style feature bolsters your security on WhatsApp even further with just a few taps by locking your account to the most restrictive settings like automatically blocking attachments and media from unknown senders, silencing calls from people you don’t know, and restricting other settings that may limit how the app works.” reads the announcement published by Meta.
“You can turn on Strict Account Settings, which will be rolling out in the coming weeks, by going to your WhatsApp Settings, then to Privacy, and then to Advanced.”
Meta also said it is adopting the Rust programming language in WhatsApp’s media sharing features to better protect photos, videos, and messages from spyware, calling it the largest global rollout of a Rust-based library.
Rust enabled the creation of a secure, high-performance, cross-platform media library called wamedia. The company is also following a three-part strategy to address memory safety: reducing attack surface by design, strengthening security for existing C and C++ code, and using memory-safe languages by default for new development. Additional protections include control-flow integrity, hardened memory allocators, and safer buffer handling, reinforcing WhatsApp’s defense-in-depth approach.
Meta also announced the adoption of the Rust programming language in WhatsApp’s media sharing features to better protect photos, videos, and messages from spyware, calling it the largest global rollout of a Rust-based library.
“Rust enabled WhatsApp’s security team to develop a secure, high performance, cross-platform library to ensure media shared on the platform is consistent and safe across devices. This is an important step forward in adding additional security behind the scenes for users and part of our ongoing defense-in-depth approach.” concludes Meta’s announcement. “Security teams at WhatsApp and Meta are highlighting opportunities for high impact adoption of Rust to interested teams, and we anticipate accelerating adoption of Rust over the coming years.”
Rust enabled the creation of a secure, high-performance, cross-platform media library called wamedia. The company is also following a three-part strategy to address memory safety: reducing attack surface by design, strengthening security for existing C and C++ code, and using memory-safe languages by default for new development.
“WhatsApp has added protections like CFI, hardened memory allocators, safer buffer handling APIs, and more. C and C++ developers have specialized security training, development guidelines, and automated security analysis on their changes. We also have strict SLAs for fixing issues uncovered by the risk identification process.” states Meta.
Additional protections include control-flow integrity, hardened memory allocators, and safer buffer handling, reinforcing WhatsApp’s defense-in-depth approach.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, WhatsApp)
