WhatsApp may boast of enhanced security thanks its end-to-end encryption feature, but that doesn’t mean the chat app is actually as secure as you think it is. Turns out, there are ways to get access to your chats even if you’ve deleted them, according to a blog post by security researcher Jonathan Zdziarski.
Zdziarski’s findings are centered on iOS, specifically the SQLite library which apps like WhatsApp and iMessage are built on. When a record gets deleted, it’s added to a ‘free list’ which doesn’t actually get overwritten until extra storage is needed. This means that forensic traces of your deleted conversations could be hanging around in your iPhone for months.
These forensic footprints can be obtained by anyone who gets physical access to your iPhone or your iCloud and iTunes backups. The latter offers a certain degree of security since you can encrypt it, but the former cannot be similarly protected. It should be noted that Zdziarski doesn’t think WhatsApp is intentionally trying to preserve data, since the app is deleting messages.
However, the fact of the matter remains that these records can be recovered and reconstructed back into its original form. The revelation comes at a turbulent time for WhatsApp, what with its ongoing tussle with Brazil over handing over chat transcripts crucial to an ongoing investigation. Law enforcement could now potentially issue a warrant to obtain your deleted chats.
If you’re worried about your WhatsApp data, Zdziarski suggest you disable iCloud backups, in addition to setting up a complex backup password for your iPhone via iTunes without storing it in Keychain. He also recommends deleting and reinstalling the app once in a while in order to flush out deleted records.