This is ridicolous, they block the account of people for no reason, making them loose years of messages, and now they come up with encrypted backups... they should focus on improving their support. They have only an email address for support. Try to get your account unblocked if their AI decides to block you. Good luck
This is great to see, particularly as WhatsApp currently handles this entirely incompetently despite claiming that the feature exists, providing no accurate or sane documentation about local backups. I recently had the issue for the second time of losing over a year of messages due to dysfunctional WhatsApp backups, about which I wrote a blog post of complaints/rants [1].
The user, as far as I can tell at least on Android, currently has no viable option besides uploading their messages, unencrypted, to Google.
I hate WhatsApp, it has a habit of losing messages. And transferring WhatsApp to a new phone is almost impossible to do without losing some messages EVEN if your current phone still works.
You have to hit the backup button, and hope it finishes and sends everything to Google before you get a new messages from anyone. If you do get a messages, press backup and try again (or just lose that message).
Recently I had the misfortune of trying to transfer WhatsApp from a phone that took 22 hours to finish each backup - so there was no other option except lose messages.
And if your phone is dead, you are all but guaranteed to lose messages, since it uses the last backup.
It gets worse - if you delete photos from your WhatsApp storage, WhatsApp does not delete them from the Google backup. If you do this for long enough you can end up with a Google backup too large to restore to any phone (or at least too large to fit in your current phone - I guess you could buy a 256GB model).
You have to delete the Google backup every once in a while, and then quickly backup again (which takes hours or days, since it has to re-upload every single photo and video you have).
All WhatsApp needs to do to fix this is: a: continuous backups - you get a message, it saves that message to google, or b: save at least 1 month worth of old messages, so that it has them in case you need to restore from an old backup. (It could prune old message every time you finish a backup.)
And don't get me started on the misery that is losing your phone, or it breaks, and you are without a phone for a little while - you have zero options of getting messages. At least with SMS you could put the SIM card in a loaner phone, but WhatsApp probably won't fit in some cheap phone without much storage.
I hate WhatsApp with a passion, and I wish it didn't exist - but I have no choice but to use it, since all my contacts don't even seem to understand what a regular text even is.
And I can guarantee that this encrypted backup with cause lots and lots of people to lose their messages.
The option to use a private encryption key is presumably useful, though their still storing logs unencrypted on the users device.
The password option is not really what I would call end-to-end encrypted. This is only as secure as a dictionary attack on users passwords so in practice it looks to be trivially crackable should the FBI etc get a copy of the users “encrypted” data in the key vault + their logs from the cloud storage provider.
There is no way that’s true on a compromised server.
The backups need to be recoverable just from the server and a new phone. Your adversaries can just directly copy all data.
Picture this: Copy my backup of the server to a new VM, run that, try N passwords, repeat step 1. Of course they can also just modify the software running on the VM.
"The HSM-based Backup Key Vault will be responsible for enforcing password verification attempts and rendering the key permanently inaccessible after a limited number of unsuccessful attempts to access it"
Is this standard practice for HSM? It seems to give hackers the ability to maliciously delete the users key and thereby effectively delete the users data.
Cool but do you trust it? I certainly don’t. You can write all the white papers in the world but unless it’s free and open source code, and can be audited by the user, it could be simply marketing snake oil.
I would strongly encourage you not to be backing up your messages on the server, even if they are encrypted. Better still, switch to auto deleting messages. You never know when your message history will be used against you. Carrying around years and years of every conversations can put them and you in potential danger. Words are frequently misinterpreted. Stored Communications are your liability.
14 comments
[ 2.6 ms ] story [ 52.2 ms ] threadI think this is similar to how Google encrypts your backups.
https://news.ycombinator.com/item?id=28484681
The user, as far as I can tell at least on Android, currently has no viable option besides uploading their messages, unencrypted, to Google.
[1] https://vinayh.com/posts/2021-08-28/
You have to hit the backup button, and hope it finishes and sends everything to Google before you get a new messages from anyone. If you do get a messages, press backup and try again (or just lose that message).
Recently I had the misfortune of trying to transfer WhatsApp from a phone that took 22 hours to finish each backup - so there was no other option except lose messages.
And if your phone is dead, you are all but guaranteed to lose messages, since it uses the last backup.
It gets worse - if you delete photos from your WhatsApp storage, WhatsApp does not delete them from the Google backup. If you do this for long enough you can end up with a Google backup too large to restore to any phone (or at least too large to fit in your current phone - I guess you could buy a 256GB model).
You have to delete the Google backup every once in a while, and then quickly backup again (which takes hours or days, since it has to re-upload every single photo and video you have).
All WhatsApp needs to do to fix this is: a: continuous backups - you get a message, it saves that message to google, or b: save at least 1 month worth of old messages, so that it has them in case you need to restore from an old backup. (It could prune old message every time you finish a backup.)
And don't get me started on the misery that is losing your phone, or it breaks, and you are without a phone for a little while - you have zero options of getting messages. At least with SMS you could put the SIM card in a loaner phone, but WhatsApp probably won't fit in some cheap phone without much storage.
I hate WhatsApp with a passion, and I wish it didn't exist - but I have no choice but to use it, since all my contacts don't even seem to understand what a regular text even is.
And I can guarantee that this encrypted backup with cause lots and lots of people to lose their messages.
The password option is not really what I would call end-to-end encrypted. This is only as secure as a dictionary attack on users passwords so in practice it looks to be trivially crackable should the FBI etc get a copy of the users “encrypted” data in the key vault + their logs from the cloud storage provider.
https://eprint.iacr.org/2018/163.pdf
The backups need to be recoverable just from the server and a new phone. Your adversaries can just directly copy all data.
Picture this: Copy my backup of the server to a new VM, run that, try N passwords, repeat step 1. Of course they can also just modify the software running on the VM.
Is this standard practice for HSM? It seems to give hackers the ability to maliciously delete the users key and thereby effectively delete the users data.
If the password verification attempts are passed through directly to the HSM, then yes, this is standard.