WhatsApp Silent Fix of Device Fingerprinting Privacy Issue Assessment: The Good, The (Not So) Bad…

Researchers found that WhatsApp's end-to-end encrypted multi-device design leaked per-device encryption metadata that can be used to fingerprint a recipient's operating system and target device-specific exploits; the vendor has silently rolled out a partial fix (Android randomizing a key ID) that reduces but does not eliminate distinguishability, and the report criticizes the lack of CVE issuance and collaborator transparency.