WhatsApp Announces Strict Account Settings for Protecting At-Risk Individuals Against Sophisticated Cyberattacks

On Monday, WhatsApp announced a new security policy to protect at-risk people from sophisticated cyberattacks. It is a feature known as Strict Account Settings, which claims to lock the targeted user’s account to the most restrictive setting by blocking attachments and other media received from people not in their list of contacts. It is a new security measure that will be available to all users over the next weeks, according to Meta-owned instant messaging platform.

Strict Account Settings on WhatsApp

In WhatsApp’s blog post, the new Strict Account Settings feature is targeted to journalists or public-facing figures who are at risk of cyberattack if they have been attacked. This is essentially the lockdown mode on WhatsApp account, which restricts instant messaging functionality.

The feature can be enabled by opening WhatsApp on your phone and navigating to Settings > Privacy > Advanced.

WhatsApp’s new program to protect at-risk people from cyberattacks and spyware is said to include Strict Account Settings. A programming language called Rust was also introduced to help the Meta-owned app, which aims at protecting photos videos and messages from potential security breaches.

The company says Rust is a memory-safe language that was developed in parallel with wamedia, WhatsApp’s cross-platform C++ library for sending and consistently formatting MP4 files. For example, differential fuzzing and extensive integration and unit tests were applied to ensure compatibility between the two implementations.

This is said to have given performance and runtime memory usage advantages over C++, which the tech giant replaced with 90,000 lines of Rust (along with 160,000 lines) of C+ code. In its introduction, it is said WhatsApp has created a secure, high-performance and cross platform library for sharing the media across devices to ensure that all of them are uniform.

WhatsApp has also received protections such as CFI, hardened memory allocators, safer buffer handling APIs and more in recent years. In addition to this, developers have been trained in specialised training, development guidelines and automated security analyses of the changes they make. Lastly, WhatsApp is also said to use strict SLAs for fixing problems identified by the risk identification process.

These measures are part of Meta’s defence-in-depth approach.