Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Update: Whatsapp on iOS doesn’t delete your chats fully
WhatsApp is not fully deleting your chats even after you delete your chats from the app, says a new post by iOS researcher Jonathan Zdziarski. Zdziarski claims to have examined the disk images take from the latest version of the app where he found the app retaining traces of chat logs even after its being deleted.

WhatsApp recently activated end-to-end encryption but it seems the data is still very much exposed to anyone with physical access to the device. Zdziarski further notes in his report that the data can be recovered using any remote backup systems.

In his research, Jonathan Zdziarski found that the data is deleted by the app but it is never overwritten. Zdziarski considers use of SQLite library used in coding the app as the reason behind for app default. He says forensic trace is common among any application that uses SQLite, since it does not overwrite data by default.

“The core issue here is that ephemeral communication is not ephemeral on disk,” Zdziarski wrote in the post.

Zdziarski further adds that this problem is not limited to WhatsApp. The iOS researcher has criticised Apple’s iMessage for similar for leaving similar forensic traces. He notes simply keeping deleted data on a secure device is not an issue but the bigger problem is when the data comes off the device. In the case of WhatsApp, the data comes off in the form of WhatsApp Database.

This very idea puts our otherwise encrypted data in the hands of law enforcement to create backup of your deleted chats with access to physical device.

Does that mean you should panic? Well Zdziarski thinks no but he definitely wants iOS users to be aware of this WhatsApp algorithm.

Is there a way to mitigate the potential threat?

1. Using a really strong iTunes password
2. Disabling iCloud backups
3. Periodically deleting application from the device and reinstalling to flush out the database.

Can WhatsApp fix the small little flaw to make it completely secure? Zdziarski notes that WhatsApp developers should eradicate SQLite database from backup completely. He also attributes techniques that allow developers to overwrite SQLite record.

While Zdziarski talkling primarily about iOS, its unclear whether the flaw applies to Android too.
Thanks given by:

Possibly Related Threads...
Thread Author Replies Views Last Post
  General News: WhatsApp’s iOS 10 update brings Siri integration on iPhone: Here’s how to use rahul1117_kumar 0 582 09-14-2016, 05:29 PM
Last Post: rahul1117_kumar
  General News: How to create and send animated GIF on WhatsApp rahul1117_kumar 0 507 08-26-2016, 03:49 PM
Last Post: rahul1117_kumar
  General News: WhatsApp update brings the long rumored voicemail feature to Android and iOS rahul1117_kumar 0 464 08-10-2016, 11:14 PM
Last Post: rahul1117_kumar
  General News: WhatsApp for iOS gets large emoticons, zoom while recording video rahul1117_kumar 0 460 07-27-2016, 10:22 PM
Last Post: rahul1117_kumar
  General News: Google leaves WhatsApp 'bewildered' with its group chat invite links rahul1117_kumar 0 418 07-24-2016, 11:30 PM
Last Post: rahul1117_kumar
  General News: WhatsApp for Android Beta gets call back and voicemail feature rahul1117_kumar 0 422 07-21-2016, 03:08 PM
Last Post: rahul1117_kumar
  General News: WhatsApp: Sharing all file formats, two-factor authentication coming soon rahul1117_kumar 0 475 07-20-2016, 05:39 PM
Last Post: rahul1117_kumar
  General News: WhatsApp introduces a new font for iOS and Android users rahul1117_kumar 0 361 07-15-2016, 03:52 PM
Last Post: rahul1117_kumar
  General News: WhatsApp Will Not Work on Symbian Devices After December 31 rahul1117_kumar 0 406 07-13-2016, 07:30 PM
Last Post: rahul1117_kumar
  General News: Wow! Use two WhatsApp accounts at the same time on your Android phone rahul1117_kumar 0 465 07-10-2016, 11:46 PM
Last Post: rahul1117_kumar

Forum Jump:

Users browsing this thread: 1 Guest(s)