Bug lets anyone bypass WhatsApp’s ‘View Once’ privacy feature

A recent bug in WhatsApp's "View Once" feature has raised concerns about privacy, particularly for users who rely on the app to share sensitive media. The feature, introduced to offer more privacy by allowing photos and videos to be viewed only once before disappearing, has been compromised, making it possible to bypass its restrictions through WhatsApp Web.

The vulnerability was exposed by Tal Be'ery, a cybersecurity researcher at Zengo, who demonstrated how simple tweaks to the WhatsApp Web code could allow users to save or even share the supposedly temporary media. The flaw stems from how WhatsApp Web processes the "View Once" flag that is attached to the media, allowing for manipulation that defeats the privacy safeguard.

This bug highlights how even widely-used and trusted apps like WhatsApp can have security flaws that expose users' private information. While the platform has restrictions in place to prevent screenshots on mobile devices, this loophole on WhatsApp Web opens a backdoor for bypassing those protections. Users expecting high levels of security for their shared media are being misled into believing their content is inaccessible after one view, which is not the case until the bug is fixed.

While WhatsApp has acknowledged the issue and promised to release a patch to address the vulnerability, it serves as a stark reminder that digital privacy features, though useful, aren't foolproof. Experts recommend users exercise caution when sending private media, especially if they rely on temporary features like "View Once." Sharing sensitive content only with highly trusted individuals is advised until the platform fully resolves the issue.