When WhatsApp announced the introduction of end to end encryption in April, many users welcomed the greater privacy protections. However that sense of security is being challenged by claims that deleted messages are not actually permanently removed.
READ MORE: WhatsApp rolls out end-to-end encryption for its billion users
Jonathan Zdziarski, an iOS researcher, tested the application and found that forensic traces of all of a user’s chats remain even after they are deleted, cleared, or archived, so you may want to think again before sending a hasty drunken message.
Zdziarski explained in a blog post that WhatsApp deletes the records, but they are not wiped from the database – meaning a hacker with physical access to your phone could recover and reconstruct the original messages.
These forensic traces could also be recoverable through remote backup systems, he said.
Forensic trace is common for any application using the SQLite database manager, because SQLite does not clear databases on iOS by default. The concern here is with how freely the WhatsApp data comes off the device.
“The WhatsApp chat database gets copied over from the iPhone during a backup, which means it will show up in your iCloud backup and in a desktop backup,” Zdziarski explained.
“Fortunately, desktop backups can be encrypted by enabling the ‘Encrypt Backups’ option in iTunes. Unfortunately, iCloud backups do not honor this encryption, leaving your WhatsApp database subject to law enforcement warrants,” he added.
This opens the possibility for police to issue a warrant to force Apple to recover deleted WhatsApp chat logs – which may include deleted messages.
Zdziarski’s claims come as authorities in Brazil froze $11 million worth of Facebook assets after the social media giant refused to comply with a court order to share data from a user of its messaging service, WhatsApp.
READ MORE:Brazil freezes $6mn of Facebook funds as WhatsApp refuses to assist police
Zdziarski says there’s no need to panic, but it is important to be aware of your WhatsApp “footprint.”
WhatsApp could easily resolve this issue in a number of ways through software development, according to Zdziarski, who pointed out the SQLite database can be marked in such a way that it will not be backed up.
He points out that the one way to be certain your deleted messages are really gone forever is to delete the app entirely.
WhatsApp guidelines state that deleted messages are permanently wiped from your phone. The messaging giant has yet to comment on Zdziarski’s claims.