last week security flaw finders at cryptowallet startup Zengo went public with ways to revive seemingly self-destructed View Once material.
https://zengo.com/whatsapps-view-once-privacy-issue/
Essentially, the API servers treated View Once messages as normal messages but with a flag on them saying: Please only show this once. A rogue app able to talk to those servers could just ignore that request.
Zengo used Meta's bug bounty program in August to report the security weakness to WhatsApp....
"The core issue of the View Once media message containing all the information required to view it, in an environment that should not be able to show it, still remains unsolved."
The video below shows this is not a terrifyingly complex feat to achieve.
All that's needed to neutralize and negate this type of "security" is a screen cap.
fundamental problem is that these supposedly evaporating messages are still being sent to platforms that shouldn't be getting them
¯\(°_o)/¯
i wouldn't trust any service that claims self destruct msgs will actually self destruct and be gone forever from everywhere..... Especially not Meta 😂