WhatsApp has encountered a serious vulnerability within its “View Once” privacy feature. According to a report by PCMag, this issue in the web version of the messaging app allows users to bypass the security measures and download media files that were intended for one-time viewing.
How View Once Works and the Problem Identified
Normally, when a user sends a photo or video through the “View Once” feature, the recipient is supposed to view it only once using the WhatsApp app on Android or iOS. Saving, forwarding, or taking screenshots is restricted. If accessed through the web or desktop version, a notification appears: “You have received a photo for one-time viewing. For additional privacy, you can only open it on your phone.”
However, cybersecurity specialist Tal Be’ery demonstrated that despite these safeguards, the feature can be compromised, notes NIXSolutions. Be’ery recorded a video on macOS showing how the link to the media file is visible in the page code, making it possible to download the content later. This finding was shared with TechCrunch, raising concerns over the reliability of WhatsApp’s privacy promises.
WhatsApp’s Response and Future Actions
Be’ery stated, “The only thing worse than no privacy is a false sense of security when users believe that certain features are private when, in fact, there is no privacy. WhatsApp’s View Once feature is currently an example of non-existent privacy and should either be completely fixed or removed.”
Following the notification of the issue, Meta was contacted by Be’ery’s team and TechCrunch. A Meta spokesperson responded, “We are already working on an update to View Once on the web and continue to recommend that users only send time-limited messages to people they trust.”
As Meta addresses the vulnerability, we’ll keep you updated on further developments and privacy improvements to WhatsApp’s View Once feature.