WhatsApp's End-to-End Encrypted Chat Backups Feature Now Rolling Out

[MacRumors]

WhatsApp end-to-end encrypted backups are now rolling out for iPhone users, Facebook has announced. Until now, WhatsApp let users back up their chat history to ‌‌iCloud‌‌, but the messages and media contained in the backups weren't protected by WhatsApp's end-to-end encryption while in ‌‌Apple's cloud servers‌.

Since Apple holds the encryption keys for ‌iCloud‌ Backup, a subpoena of Apple or an unauthorized ‌iCloud‌ hack could have potentially allowed access to WhatsApp messages backed up there. Apple was reportedly pressured to not add encryption to ‌iCloud‌ Backups after the FBI complained.

Going forward, however, users can create a password or 64-bit key to protect their backup in cloud-based storage, whether they're saved in iCloud or Google Drive.

Facebook CEO Mark Zuckerberg made the announcement, saying that users can generate a password of their choice or a 64-digit encryption key that only they know in order to access their WhatsApp chat backups.

While end-to-end encrypted messages you send and receive are stored on your device, many people also want a way to back up their chats in case they lose their phone. Starting today, we are making available an extra, optional layer of security to protect backups stored on Google Drive or iCloud with end-to-end encryption. No other global messaging service at this scale provides this level of security for their users' messages, media, voice messages, video calls, and chat backups.

You can now secure your end-to-end encrypted backup with either a password of your choice or a 64-digit encryption key that only you know. Neither WhatsApp nor your backup service provider will be able to read your backups or access the key required to unlock it.

The encrypted chat backups feature will gradually be rolled out to more than two billion users on Android and iOS, and will be available in every market where WhatsApp is operational, which could put the company at odds with some governments.

• How to End-to-End Encrypt Your WhatsApp Chat Backups in iCloud

Notably, Apple is not making its upcoming ‌iCloud‌+ Private Relay encrypted browsing feature available to users living under certain authoritarian regimes, including China, Belarus, Colombia, Egypt, Kazakhstan, Saudi Arabia, South Africa, Turkmenistan, Uganda, and the Philippines. According to Apple, "regulatory reasons" are preventing the Private Relay feature from launching in those countries.

Article Link: WhatsApp's End-to-End Encrypted Chat Backups Feature Now Rolling Out

 

[justperry]

I still get these nagging pop-ups to agree to their terms, guess what.....Nope, not gonna agree.

Encrypted backups though is always good news.

 

[Serban55]

I trust you mark zuckerberg !!! i trust you with my sword

 

[seble]

A 64 bit key? Really, not even 128? What's the point...

 

[nikaru]

At this stage I think no one trusts Facebook, even if they say to have implemented the most cutting-edge, alien-level encryption technology, that cannot be decrypted even with the most state-of-the-art military-grade quantum computer.

 

[sinoka56]

A 64 bit key? Really, not even 128? What's the point...

Use the password?

 

[Unsupported]

It's also worth noting that if you have ‌iCloud‌ Backups turned on for your entire ‌iPhone‌, an unencrypted version of your chat history is also backed up to ‌iCloud‌. To ensure your WhatsApp chats and media are only backed up with end-to-end encryption, turn ‌iCloud‌ Backup off on your device. You can do this in the Settings app by tapping your Apple ID banner at the top, selecting iCloud, and turning off iCloud Backup.

Does that mean that to have WhatsApp back up encrypted you have to turn off the entire iCloud backup for the device, or only the WhatsApp backup on iCloud?

 

[justperry]

A 64 bit key? Really, not even 128? What's the point...

I just looked up how long it'll take to decrypt, 64 bit, about 545 years for a single-core CPU, 128 bit, about 700 billion times the age of the universe.

Time taken for a brute force attack on a key size of 64-bits​

 

[Denzo]

I moved to signal after that debacle with WhatsApp. I know I woknt be missed but not really into all the Facebook Insta WhatsApp stuff.

 

[haruhiko]

It’s the turn for iCloud backup, Apple.

 

[cyanite]

Since Apple holds the encryption keys for ‌‌iCloud‌‌,

This is incorrect, as stated. Apple holds the encryption keys for iCloud Backup, not for iCloud in general. There are several containers for which Apple don't hold the encryption keys, including iMessage. For iMessage in particular, though, Apple puts a copy of its key into the iCloud Backup. So if iCloud Backup is used, iMessage isn't effectively end to end encrypted. Otherwise it is.

But for other things, like health data or keychain, no such backup key is put into the backup.

 

[BootsWalking]

Zuckerberg to the public: No other global messaging service at this scale provides this level of security for their users' messages, media, voice messages, video calls, and chat backups.

Zuckerberg behind closed doors: People Who Trust Me Are "Dumb F*cks"

 

[MathersMahmood]

Marks gonna be so pissed that he’s forced to do this instead of reading your messages and selling you ads based on it.

 

[lucasrant]

It's also worth noting that if you have ‌iCloud‌ Backups turned on for your entire ‌iPhone‌, an unencrypted version of your chat history is also backed up to ‌iCloud‌. To ensure your WhatsApp chats and media are only backed up with end-to-end encryption, turn ‌iCloud‌ Backup off on your device. You can do this in the Settings app by tapping your Apple ID banner at the top, selecting iCloud, and turning off iCloud Backup.

Does that mean that to have WhatsApp back up encrypted you have to turn off the entire iCloud backup for the device, or only the WhatsApp backup on iCloud?

I don’t think this was accurately written. I think you can just disable iCloud backup for WhatsApp specifically. You can still backup your other apps to iCloud.

 

[Unsupported]

I don’t think this was accurately written. I think you can just disable iCloud backup for WhatsApp specifically. You can still backup your other apps to iCloud.

That's what I think too. That quote was from the macrumors link in the article. Maybe they should clarify.

 

[kstotlani]

I moved to signal after that debacle with WhatsApp. I know I woknt be missed but not really into all the Facebook Insta WhatsApp stuff.

I did that and moved all my family, a good part of friends circle but now only 4 people including me remain. I failed and WhatsApp won.

 

[jlc1978]

It's also worth noting that if you have ‌iCloud‌ Backups turned on for your entire ‌iPhone‌, an unencrypted version of your chat history is also backed up to ‌iCloud‌. To ensure your WhatsApp chats and media are only backed up with end-to-end encryption, turn ‌iCloud‌ Backup off on your device. You can do this in the Settings app by tapping your Apple ID banner at the top, selecting iCloud, and turning off iCloud Backup.

I don’t think this was accurately written. I think you can just disable iCloud backup for WhatsApp specifically. You can still backup your other apps to iCloud.

As I read it, you have to disable iCloud backup globally, not locally. That makes no sense, for obvious reasons. My guess is iCloud backup is independent and still occurs even if the app does its own. If I am correct, your choice is to encrypt one app's data at the expense of backups for others or encrypt one apps data and keep a much less secure copy in the backup as well.

 

[ksec]

That's what I think too. That quote was from the macrumors link in the article. Maybe they should clarify.

This is wrong and needs to be updated. Even before this Whatsapp encryption feature it has been doing double backup by default if you have set up backup inside Whatsapp as well.

By Default, iCloud Backup, backups your Whatsapp

Whatsapp itself also has a backup function which backup Whatsapp to iCloud Drive

You end up having two backup on your iCloud wasting space. ( Not necessary a bad thing consider restoring isn't always 100% reliable. )

 

[citysnaps]

Child's play for NSA.

 

[NekoFever]

It's also worth noting that if you have ‌iCloud‌ Backups turned on for your entire ‌iPhone‌, an unencrypted version of your chat history is also backed up to ‌iCloud‌. To ensure your WhatsApp chats and media are only backed up with end-to-end encryption, turn ‌iCloud‌ Backup off on your device. You can do this in the Settings app by tapping your Apple ID banner at the top, selecting iCloud, and turning off iCloud Backup.

Does that mean that to have WhatsApp back up encrypted you have to turn off the entire iCloud backup for the device, or only the WhatsApp backup on iCloud?

No.

Settings > Apple ID > iCloud > Manage Storage > Backups > This iPhone > turn off the toggle for WhatsApp

It’s a stupid implementation because unless you dig into the backup settings your phone will back up potentially many gigabytes of WhatsApp chats twice.

 

[rhaezorblue]

Is there any way to encrypt our full-device backups stored in iCloud? I'm guessing no.

 

[DaveWil]

A 64 bit key? Really, not even 128? What's the point...

There is a lot of restrictions of exporting application outside the US that provide greater than 64 end to end encryptions, so this may have something to do with this.

 

[Ronnie600]

Related to this,


I have a contact that I haven't spoken to in a while but still have them as a contact. A while back I had a few messages with him and then after a while I deleted those messages on whatsapp. I remember i just copied and highlighted those messages and deleted it. So when you go to that contact on whatsapp, there is no chat history with that person. My question is, does that mean the chat history is completely erased or not? I read that whatsapp is owned by facebook and messages are not truly encrypted like signal... is that true? Thus any message you had with anyone on whatsapp is on their whatsapp servers?



Now the thing I want to know is, is there a way to retrieve old deleted whatsapp messages on my iphone if one has access to my phone? Thus imagine i give my phone to someone and let them use it etc. Could they restore all my whatsapp messages that I ever deleted or not? Thing is i only want the text messages from one contact who I haven't spoken to permanently deleted... though I thought that I did that a while back when I deleted it. Basically I was upset at that guy and raged at him and never talked to him ever again. But I found out I never actually deleted him as a contact and i'm pretty sure he hasn't deleted me as a contact.




Anyone can answer me this? Because isn't there a whatsapp chat backup that is there where it could restore it? Again I just want the chat with that one whatsapp contact to be permanently deleted. Would deleting that contact do anything or not at all?

 

[Robbie B]

I trust you mark zuckerberg !!! i trust you with my sword

lmao!!!!!! That's the comment I am looking for!!!

 

[Obaxzity]

Good blogspot