The general perception among users is that when they delete a so-called ‘secure’ chat, the messages in that chat are permanently gone and no evidence of them remains. But according to a post published by iOS researcher Jonathan Zdziarski, WhatsApp isn’t completely secure, as it retains and stores chat logs even after the chats have been deleted or archived.
Zdziarski reports that while examining the disk images of the most recent (updated) version of the messaging app, he found that it retains a forensic trace of chat logs, even after you’ve deleted, archived or cleared all of your chats. This security vulnerability — which has existed in iMessage for quite a long time — creates a potential ‘treasure trove’ for those looking to exploit personal data. This data could easily be hijacked by anyone with physical access to the device or with access to an unencrypted backup of your phone’s data.
In his blog post, Zdziarski adds:
“Simply preserving deleted data on a secure device is not usually a significant issue, but when that data comes off the device as freely as WhatsApp’s database does, it poses a rather serious risk to privacy. Unfortunately, that’s what’s happening here and why this is something users should be aware of.”
He further adds that forensic trace is a very common problem among applications that use SQLite, because it doesn’t by default vacuum databases on iOS. When a chat is deleted, its record is added to a ‘free list’, and the records on that list are not overwritten until later, when the database needs extra storage, which may take a very long time. And WhatsApp storing these messages in the memory is highly insecure because the data is then backed up by iCloud without hard encryption.
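The free-list behaviour described above can be reproduced on any SQLite file. This is an added example, not code from WhatsApp or from Zdziarski's post: it uses Python's `sqlite3` module with a hypothetical `messages` table and constructed sample text to show that deleted rows stay readable in the raw file until a `VACUUM` rebuilds it.

```python
import os
import sqlite3
import tempfile

MARKER = b"constructed-secret-message"  # constructed sample text, not real data

def build_and_delete(path, vacuum):
    """Create a chat table, delete one chat, optionally VACUUM, inspect raw file."""
    con = sqlite3.connect(path, isolation_level=None)  # autocommit; VACUUM needs it
    con.execute("PRAGMA auto_vacuum = NONE")
    con.execute("PRAGMA secure_delete = OFF")  # some SQLite builds default to ON
    # Hypothetical schema for illustration; not WhatsApp's real one.
    con.execute("CREATE TABLE messages (id INTEGER PRIMARY KEY, chat_id INTEGER, body TEXT)")
    rows = [(1, f"{MARKER.decode()} #{i} " + "x" * 80) for i in range(300)]
    rows += [(2, f"kept message #{i}") for i in range(10)]
    con.execute("BEGIN")
    con.executemany("INSERT INTO messages (chat_id, body) VALUES (?, ?)", rows)
    con.execute("COMMIT")
    con.execute("DELETE FROM messages WHERE chat_id = 1")  # the user "deletes the chat"
    visible = con.execute("SELECT COUNT(*) FROM messages WHERE chat_id = 1").fetchone()[0]
    free_pages = con.execute("PRAGMA freelist_count").fetchone()[0]
    if vacuum:
        con.execute("VACUUM")  # rebuilds the file from live rows only
    con.close()
    with open(path, "rb") as fh:
        raw = fh.read()
    return {
        "visible_rows": visible,                # what the app (SQL layer) sees
        "free_pages_after_delete": free_pages,  # pages parked on the free list
        "marker_hits_in_file": raw.count(MARKER),  # what a disk image or backup holds
        "file_size": len(raw),
    }

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        plain = build_and_delete(os.path.join(tmp, "plain.db"), vacuum=False)
        vacuumed = build_and_delete(os.path.join(tmp, "vacuumed.db"), vacuum=True)
    return plain, vacuumed

if __name__ == "__main__":
    for label, result in zip(("delete only", "delete + VACUUM"), demo()):
        print(label, result)
```

In the delete-only case the query layer reports zero rows for the chat while the marker text is still present in the file bytes; after `VACUUM` the marker is gone and the file shrinks.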
So, this means that even deleted conversations can now easily be obtained by legal authorities and the government through a meager court order. And if you’re thinking what I’m thinking, then the information of this backlog could also prove quite fatal for WhatsApp.
The messaging app is currently caught in a tussle with the Brazilian government, which is asking the billion-user messaging service to hand over chat records for a criminal investigation. But WhatsApp, which has faced four massive blackouts in the country, has refused the court order, stating the (obvious) fact that it doesn’t have access to any information due to end-to-end encryption. If not fixed soon enough, this security drawback reported by Zdziarski could prove to be a big struggle for WhatsApp in the near future.