Deleted WhatsApp Messages on iOS devices can be easily retrieved
According to Jonathan Zdziarski, a security researcher, any WhatsApp conversations deleted on an iOS devices might still be stored on your phone. What the researcher means is that a forensic trace of all chats is left on your iPhone even after you have deleted, archived or cleared message. Using a forensic tool, this data can easily be retrieved because it has not been overwritten on the device.
Zdziarski notes that simply deleted data on a secure device is not usually an important issue but when the data comes off a device as freely as WhatsApp’s database, it poses a serious risk to privacy.
During the investigation by Zdziarski, he analyzed SQLite records that were stored on a test iPhone’s database, once WhatsApp conversations had been deleted. What was discovered is that the library does not automatically overwrite data file, meaning they do not get deleted. Another key thing to note is that. WhatsApp messages are usually backed up by iCloud without hard encryption; This means that police can easily obtain records of conversation by just getting a court order.
In April this year, WhatsApp was applauded by many for switching to default end-to-end encryption through the signal protocol. Unfortunately, the system only protects data in transit preventing carriers and other intermediaries from spying on the conversation as they transit across the network. iCloud data does not offer the same level of protection as the end-to-end encryption used by WhatsApp.
Zdziarski explains that information cannot be accessed by WhatsApp or any third party. He further explains that this data is stored locally on someone’s device and the only way to get rid of it entirely, is by just deleting the app. It’s worth noting that, this news should not be alarming to users though it temper privacy promises that the company made to users. Also, other messaging apps leave similar traces.
Featured Image Credit:thenextweb