Just recently, WhatsApp announced a new feature: you’ll now be able to connect to the social media platform via a proxy server set up by a third-party volunteer or organization.
The new feature is designed for people living under oppressive regimes that regularly restrict access to social media sites in order to quell civil unrest, protests, and other forms of anti-government mobilization.
But how does the new feature work, and can you really trust Meta-owned WhatsApp's proxy server feature?
What is WhatsApp’s New Proxy Server Feature?
WhatsApp’s new feature will allow people to reroute their connection through proxy servers stationed around the world and accessible through the app.
The aim is to help people communicate in countries where WhatsApp – and social media in general – is being blocked, banned, or restricted. The proxy servers will provide a way around these sorts of restrictions that people can use safely and without fear of reprisal.
“There are many people who continue to be denied the ability to reach their loved ones because of internet shutdowns,” WhatsApp explained in a recent statement. “Choosing a proxy enables you to connect to WhatsApp through servers set up by volunteers and organizations around the world dedicated to helping people communicate freely”.
WhatsApp says anyone can set up a proxy using a server with ports 80, 443, or 5222 available, as well as a domain name pointing to the server’s IP address. More information – as well as source code – is available on GitHub.
The feature has already been rolled out and can be found within the “Storage and Data” section of WhatsApp’s Settings menu, as long as you have the latest version of WhatsApp downloaded.
Can You Trust WhatsApp?
All in all, the new feature will likely be a great help to a lot of people. But, if your government is surveilling your internet activity and an attempt to access WhatsApp could come back to bite you, then it’s only natural to seek assurances regarding the reliability and security of a feature like this.
The question isn’t necessarily about whether users can trust WhatsApp however, but rather, whether you can trust the owner of the third-party proxy server you’re connecting to.
WhatsApp will not be setting these servers up, nor will it maintain or hold any influence over them. In theory, these servers could be set up by absolutely anyone, which is a de facto security risk.
If you’re in a country like Iran and you’re likely to use this feature, just bear in mind that the owner of the server you’re connecting to – wherever they're based in the world – will be able to see your IP address.
Proxy servers will not encrypt your connection like a VPN does, so ensure the one you're connecting to via WhatsApp is legitimate and genuine before you attempt to connect and use it.
Crucially, however, as WhatsApp is an end-to-end encrypted messaging service, the server owner won’t be able to access any conversations you have stored within the app while you’re connected to their server.
Are There Other Options for WhatsApp Security?
Theoretically, if you could find a safe way to get your hands on a VPN with support for split tunneling, you could funnel all of your WhatsApp activity through one of its encrypted servers, which wouldn’t reveal your IP address, and use the regular internet for the rest of your data.
However, therein lies the problem. Attempting to download a VPN in a country like Iran – ruled by a government that surveils its citizens' internet activity in the way this WhatsApp change is supposed to combat – comes with its own risks and dangers.
The safest option is to use the proxy server feature, but as we’ve mentioned, be vigilant when it comes to picking your proxy server. This will be safer than attempting to access technology like VPNs in a place like Iran.
However, in countries where VPNs are widely used and the subsequent legal risks associated with using them are minimal or non-existent – then we'd recommend using a VPN in tandem with the proxy if possible, simply just to boost your privacy and hide your IP address from whoever is providing your connection.