Whatsapp web desktop security

Maketrades

What's the thought on using WhatsApp web desktops mode on grapheneos instead of installing the spyware app WhatsApp directly? Is there any security advantage for the ones who really need to use WhatsApp?
Letts say the journalists who are high value targets

Novalissoide

Maketrades Provided you get this to work for your needs then yes, youv'e just got rid of that rabid elephant of an app that is Whatsapp, Vanadium is arguably safer.

Maketrades

I geuss not a Lott fans of WhatsApp here 😎😎

bitestring

You still need to install WhatsApp on a phone to use it on desktop. So, if you are a high‑value target, a zero‑day exploit could be used on the non‑GrapheneOS phone where WhatsApp is installed, allowing the attacker to monitor past and future WhatsApp communications.

At least with GrapheneOS, security features such as a hardened memory allocator and memory tagging can thwart the attack in the first place.

You can still install WhatsApp on GrapheneOS, but enable only the essential permissions: turn on the Storage and Contacts scopes and leave Memory Tagging and other hardening features enabled.

Miles

bitestring phone doesnt need to be turned on, you can e en uninstall/freeze whatsapp and keep using whatsapp web.

Maketrades

Miles phone doesnt need to be turned on, you can e en uninstall/freeze whatsapp and keep using whatsapp web.

Exactly this.. I didn't whant go that far but since you started with the zero day attacks. I geuss with that set up the zero day will only affect the phone with watssap on it but since its off the WhatsApp web hard to get attacked on correct?

W1zardK1ng

Maketrades No, that's not exactly how it may work.
First of all the main whatsapp device need to connect to internet every 14 days else linked devices will get logged out.
What if the zero day is not related to whatsapp app but exploiting something else but just being spread through whatsapp, in that case whatsapp web may not help you stop the attack.
If you just want to avoid that app from your phone, you can so it.

If you are a high-value target you should not be using whatsapp and share your that with others.

Maketrades

W1zardK1ng No, that's not exactly how it may work.
First of all the main whatsapp device need to connect to internet every 14 days else linked devices will get logged out.
What if the zero day is not related to whatsapp app but exploiting something else but just being spread through whatsapp, in that case whatsapp web may not help you stop the attack.
If you just want to avoid that app from your phone, you can so it.

If you are a high-value target you should not be using whatsapp and share your that with others

I actually not agree with that.. If like you said it got spread in this case true WhatsApp then the initial phone with WhatsApp installed will be infected not the one with WhatsApp web. So its obviously that the WhatsApp messages are comprimized but the grapheneos with WhatsApp web is in this way kept clean at least if the target is targeted with whatsap.