WhatsApp data may shift to the cloud, but may no longer be as encrypted


  • WhatsApp has announced that app data will no longer be backed up on the user’s device but on Google Drive instead.
  • The WhatsApp backups stored on Google Drive won’t count towards the overall storage quota.
  • WhatsApp will also delete any data that hasn’t been updated in over a year starting 12 November 2018.
The spam, good morning messages and incessant event invitations that crowd your phone’s storage won’t be an issue any longer with WhatsApp shifting their storage mapping to the cloud, rather than on the user’s device.

In an official statement, the company stated that starting 12 November any WhatsApp files backed up on Google Drive won’t eat into your original storage quota on the cloud service. But, there’s no such thing as a free dinner.

While all your images, documents, songs, voice notes, and, more importantly, messages will be backed up on Google’s secure cloud storage, they will no longer be encrypted.

Why is encryption important?

You’re obviously aware of amount of personal messages and embarrassing images that are shared on WhatsApp. The app’s end-to-end encryption is what ensures that those messages stay between you and the people you share them with. Nobody can see that communication, not even WhatsApp itself according to the company.

Basically, only the people involved have the key to open the secret door.

While Google claims that data is encrypted as it gets transferred from the device onto Google Drive, its terms and conditions also stipulate that their automated systems do scan your content. This includes, but is not limited to, emails to provide ‘personally relevant’ product features and ‘customised’ search results.

And it’s not just about Google spying on you, it’s about the level of protection as well. While WhatsApp has end-to-end protection, Google uses 256-bit SSL/TLS encryption for data on-the-move and 128-bit AES keys once the data is stored. In layman’s terms, Google Drive’s encryption, though good, isn’t as full-proof.

SSL/TLS encryption is partly in Google’s control, partly in the hands of the user. All it would really take is for your own personal server to not be up-to-date with its encryption, for there to be a loophole where hackers can slip in. There’s an exploit called man-in-the-cloud that lets hackers get past Google Drive encryption without the use of malware or even having to steal passwords.

The lesson at the end of the day is, never place all of your faith in just one service or backup. While cloud services are working hard to improve their security, hackers are working just as hard to find ways around it.

And, if you are going to be using Google Drive for your WhatsApp backups, then perhaps invest in a third party client that can add a level of encryption to take care of all the ‘what if’ scenarios.



{{}}
Subscribe to whatsappSubscribe to whatsapp
Add Comment()
Comments ()
X
Sort By:
Be the first one to comment.
We have sent you a verification email. This comment will be published once verification is done.