Skip to main content
USA Network
Now Streaming
  • EPISODES
  • VIDEOS
  • Articles
  • PHOTOS
  • CAST & INFO
  • Extras
  • Email
  • SHOP
  • After Show
  • Whoismrrobot
#MrRobot

WhatsApp Isn’t Fully Deleting its 'Deleted' Chats

Featured From The Verge
By Russell Brandom
Originally posted on July 28, 2016
Tags: The Verge, Privacy, Cybersecurity, Surveillance

Share

WhatsApp retains and stores chat logs even after those chats have been deleted, according to a post today by iOS researcher Jonathan Zdziarski. Examining disk images taken from the most recent version of the app, Zdziarski found that the software retains and stores a forensic trace of the chat logs even after the chats have been deleted, creating a potential treasure trove of information for anyone with physical access to the device. The same data could also be recoverable through any remote backup systems in place.

In most cases, the data is marked as deleted by the operating system — but because it has not been overwritten, it is still recoverable through forensic tools. Zdziarski attributed the problem to the SQLite library used in coding the app, which does not overwrite by default.


"Ephemeral communication is not ephemeral on disk."

WhatsApp was applauded by many privacy advocates for switching to default end-to-end encryption through the Signal protocol, a process that completed this April. But that system only protects data in transit, preventing carriers and other intermediaries from spying on conversations as they travel across the network.

Zdziarski’s findings deal with what happens to that data after it reaches the phone, particularly when it’s stored on the phone’s local disk drive or remote iCloud storage. WhatsApp messages are backed up by iCloud without hard encryption, so the finding means police could obtain clear records of conversations through a court order, even if the conversation had been deleted within the app.

"The core issue here is that ephemeral communication is not ephemeral on disk," Zdziarski wrote in the post.

The news shouldn’t be alarming to WhatsApp users, although it does temper many of the privacy promises made by the company in the past. The majority of messaging apps leave similar traces, recoverable through iCloud backups, although a number of privacy-focused apps do not. "iMessage leaves a lot [of forensic traces]," Zdziarski said, reached by The Verge. "Signal leaves virtually none."

The research is particularly relevant given the app’s current legal struggles over encryption policy. In Brazil, WhatsApp has weathered numerous blackout orders from local courts over its refusal to turn over court ordered chat logs in an ongoing case. The company has repeatedly claimed that it cannot turn over the logs as a result of WhatsApp’s end-to-end encryption systems, and the blackout orders have been routinely overturned by higher courts.

WhatsApp did not immediately respond to a request for comment.

Previous post Next post

Latest Articles

  • Hackers Emptied Ethereum Wallets by Breaking the Basic Infrastructure of the Internet
  • The FTC Warns of Robot Calling Spam Targeting Chinese Speakers
  • Facebook, Microsoft, and Other Tech Companies Pledge to Never Help Governments Launch Cyberattacks
  • Facebook Begins Fact-Checking News for Users in India, One of its Largest Markets
  • Facebook May Face Billions in Fines Over its Tag Suggestions Feature
  • Opinion: Russia’s Telegram Ban Is a Big, Convoluted Mess
  • USA Announces New Pilots from Sam Esmail, Peter Berg, Tim Kring & Denis Leary
  • 11 Weird and Awkward Moments from Two Days of Mark Zuckerberg’s Congressional Hearing
  • Chrome and Firefox Will Support a New Standard for Password-Free Logins
  • Chinese City Shops Ordered to Start Using Government-Approved Routers
View all Articles

Related content

  • Featured From The Verge
    Hackers Emptied Ethereum Wallets
  • Featured From The Verge
    The FTC Warns of Robot Calling Spam Targeting Chinese Speakers
  • Featured From The Verge
    Facebook, Microsoft, and Other Tech Companies Pledge to Never Help Governments Launch Cyberattacks
  • Featured From The Verge
    Facebook Begins Fact-Checking News for Users in India, One of its Largest Markets
  • Featured From The Verge
    Facebook May Face Billions in Fines Over its Tag Suggestions Feature
  • Featured From The Verge
    Russia’s Telegram Ban Is a Big, Convoluted Mess
Load more
  • Independent Programming Report
  • NBCU Research Panel
  • Terms of Service
  • Privacy Policy
  • Closed Captioning
  • Accessibility
  • Help
  • AdChoices
©2018 NBCUniversal, Inc. All Rights Reserved. A Division of NBC Universal