[londons_explore]

WhatsApps cloud backup on Android sits on Google drive by default.

It is encrypted with a per user key known to WhatsApp.

That means for a third party to access the chats, they need Google to hand over the data, and Facebook to hand over the key.

The logical next step to add would be for Google to additionally encrypt the data with the users logon password or something derived from it. Google won't do this anytime soon for business reasons.

[keyme]

I've posted this here before.

> It is encrypted with a per user key known to WhatsApp.

This is no longer true! For a few years now. The backup is stored on Google Drive in plain text.

https://faq.whatsapp.com/android/chats/about-google-drive-ba...

[FiloSottile]

That page doesn't say that, and "tied to the phone number" sounds like they will only give you the key if you can authenticate via SMS.

Do you have a better cite or did you check directly recently?

[keyme]

You can extract it yourself.

https://github.com/YuriCosta/WhatsApp-GD-Extractor-Multithre...

I do not vouch for this repo, but it gets the job done.

The only creds required are your Google account creds. No per-user whatsapp keys necessary.

[FiloSottile]

That's disappointing, thank you for the link.

[beagle3]

https://github.com/B16f00t/whapa (among other tools) appears to download it from Google without requiring any key from facebook or a rooted device.

I haven't tried this specific tool yet (or others recently) but it was definitely possible in the past without requiring any key from FB/WA.

[londons_explore]

> authenticate via SMS

It's now "authenticate via SMS and pin (if enabled), or authenticate via SMS and wait 7 days (if pin enabled)"

[Dumbdo]

I'm sorry, but where did you get that information from? The FAQ only states:

> Media and messages you back up aren't protected by WhatsApp end-to-end encryption while in Google Drive.

That makes sense, why would you re-encrypt the messages with the end-to-end-key which is individual for each chat, if you could simply use a symmetric encryption for backups?

So the statement

> It is encrypted with a per user key known to WhatsApp.

could still hold true, there's no information contrary to that in the FAQ (but no information indicating another kind of encryption either).

[sdflhasjd]

WhatsApp backups are a bit of an anti-feature, as I found out while trying to ditch the app after the recent policy update.

1) The backup can only be made to Google drive, you cannot create a manual backup to a location of your chosing

2) The backup is created in a secret folder that cannot be accessed by the user

3) The backup is deleted if you delete your account. (not much of a backup, eh?)

4) You can only create per-channel exports, but this won't export the entire chat, it will export up to ~12MB of recent media, and ignore the rest, silently. WhatsApp would only share the last 40 messages of a 4-year-old chat because the last few messages contained a few images.

[londons_explore]

I believe there is still an (undocumented, unofficial) way to backup to the SD card. The backup is still encrypted tho, and can only be restored to the same whatsapp account as created it.

[ycombinete]

Interesting. I just created a 900MB backup of a chat history, on my iOS WhatsApp, that appears to have all messages and all data.

[tinus_hn]

Being an iOS device it probably doesn’t ‘backup’ to Google Drive so this story may not apply

[ycombinete]

yeah, on ios whatsapp backs up the data to icloud

[Denvercoder9]

WhatsApp also creates (encrypted) backups in the WhatsApp/Databases folder on your internal storage. Aside from a single line displaying the time of the last local backup in the backup settings it's not really well-documented though.

[jsmith99]

I can't find any source for this 12MB limit? Backups I've restored (Android) seen to contain all media although I haven't checked in detail.

[Denvercoder9]

That point was talking about the "Export Chat" function (which creates a medialess text file), not the backup function.

[paranoidrobot]

> encrypt the data with the users logon password or something derived from it

This leads to inability to restore a backup if you forget your password and need to reset it.

That's going to lead to screams/tears from a lot of folks who don't realise those implications.

[garmaine]

> That means for a third party to access the chats, they need Google to hand over the data, and Facebook to hand over the key.

National intelligence agencies (plural) would already have both.

[londons_explore]

True, but it still makes the attack surface much smaller - employees of neither company could steal your data. Your data is now protected by the intersection of the companies privacy policies rather than the union of them.

[beagle3]

It used to be that way. But then, one day, Google announced that WhatsApp backups (a) no longer count towards your quota, and (b) are no longer encrypted.

There are two beneficiaries of this change:

1) Intelligence and law enforcement agencies, which now have direct access to WhatsApp history for everyone who uses cloud backup (99.9% of users, if not 100%), without the need to 0day any specific phones, risk detection, or even have those phones on except occasionally.

2) Google, who can now mine your private conversations, metadata, etc.

(At a tiny storage cost for Google, for which they are likely compensated by the NSA)