Published On: Sun, Jul 31st, 2016

Research shows deleted WhatsApp messages aren’t actually deleted

whatsappChat logs from WhatsApp linger on your phone even after you’ve deleted them, according to new research published by iOS expert Jonathan Zdziarski.

Forensic traces of chats linger on the phone even after a user archives or deletes them, Zdziarski found, and could be accessed by someone with physical access to the device or by law enforcement issuing a warrant to Apple for iCloud backups. Although the data is deleted from the app, it is not overwritten in the SQLite library and therefore remains on the phone.

“The only way to get rid of them appears to be to delete the app entirely,” Zdziarski added.

WhatsApp has been applauded for its security since the company, which is owned by Facebook, completed its rollout of end-to-end encryption in April. WhatsApp uses the well-regarded Signal Protocol for its encryption. But some onlookers were excited to see a dent in WhatsApp’s armor — the CEO of Telegram, Pavel Durov, took the opportunity to critique WhatsApp’s security.

“Even for 10% of something like this security experts would tear Telegram apart with hundreds of NEVER — USE IT tweets,” Durov tweeted. “Funny how conveniently silent all these ‘experts’ are now, after spending hundreds of hours bashing TG [Telegram] and promoting WA [WhatsApp].”

However, WhatsApp certainly isn’t the only messaging application with this problem: Zdziarski noted that the issue exists with iMessage as well. Other apps like Signal and Wickr leave fewer forensic traces.

WhatsApp users don’t need to panic — the ways this forensic data could be exported are relatively limited.

Leave a Reply