What if we told you that deleting those suspicious WhatsApp messages doesn’t guarantee that they are gone forever? What happened to the end-to-end encryption that WhatsApp recently rolled out? According to iOS researcher Jonathan Zdziarski, the latest version of the app he tested leaves a forensic trace of all of your chats, even after you’ve deleted, cleared, or archived them. Although he tested this on iOS, he believes the same is true for Android users. In his research, Zdziarski discovered that the app keeps a forensic trace of all messages regardless of whether they have been deleted, which creates a potential leakage of information to anyone with physical access to the device.
“The core issue here is that ephemeral communication is not ephemeral on disk,” Zdziarski wrote in the post. His findings reveal what happens to that data after it reaches the phone, when it is stored in the phone’s memory or backed up remotely to the cloud. Since WhatsApp chats are backed up by cloud services like Apple’s iCloud without hard encryption, law enforcement can obtain clear records of all your conversations without hassle, and it doesn’t matter whether you had previously deleted them. He goes further, saying:
“Anyone with physical access to your computer could copy this data from an existing, unencrypted backup, or potentially decrypt it using password breaking tools, or recover the password from your keychain. If passwords are compelled in your country, you may also be forced to assist law enforcement.”
Should this be alarming to WhatsApp users?
The short version? No, it shouldn’t, but Mr Zdziarski thinks it’s good for you to be aware of this WhatsApp footprint, and he has given iPhone users four tips on how to mitigate this risk.
- Use iTunes to set a long, complex backup password for your phone,
- Consider pair locking your device using the Configurator tool to prevent anybody else who steals your passcode,
- Disable iCloud backups, periodically,
- Delete the application from your device and reinstall it to flush out the database.
You can read the full blog post in the source link below. WhatsApp has not yet officially responded to this research.