WhatsApp on Monday announced a new security measure aimed at safeguarding at-risk individuals against sophisticated cyberattacks. Dubbed Strict Account Settings, it is a feature that is claimed to lock the targeted user's account to the most restrictive setting, blocking attachments and other media received from people not in their list of contacts. The Meta-owned instant messaging platform says its new security measure will be rolling out to all users over the coming weeks.

Strict Account Settings on WhatsApp

According to WhatsApp's blog post, the new Strict Account Settings feature is aimed towards journalists or public-facing figures who are at a high risk of cyberattack. It essentially enables lockdown mode on the WhatsApp account, limiting the functionality of the instant messaging platform.

The feature can be enabled by opening WhatsApp on your phone and navigating to Settings > Privacy > Advanced.

Strict Account Settings is claimed to be part of WhatsApp's latest initiative to safeguard at-risk individuals against cyberattacks and spyware. To aid in its ambitions, the Meta-owned app also introduced a programming language called Rust to protect photos, videos, and messages from potential security breaches.

As per the company, Rust is a memory-safe language that was developed in parallel with wamedia, WhatsApp's cross-platform C++ library for sending and consistently formatting MP4 files. To ensure compatibility between the two implementations, differential fuzzing and extensive integration and unit tests were used.

The tech giant replaced 160,000 lines of C++ code with 90,000 lines of Rust, which is claimed to have shown performance and runtime memory usage advantages over C++. Its introduction is said to have enabled WhatsApp to develop a secure, high-performance, cross-platform library to ensure media shared on the platform is consistent and safe across devices.

In recent years, protections like CFI, hardened memory allocators, safer buffer handling APIs, and more have also been added to WhatsApp. Apart from this, developers have received specialised training, development guidelines, and automated security analyses on the changes that they make. Lastly, WhatsApp is also said to utilise strict SLAs for fixing issues uncovered by the risk identification process.

These measures are part of Meta's defence-in-depth approach.