whatsappPopular third-party chat app WhatsApp is leaving a "forensic trace" of every supposedly deleted chat log, meaning anyone with access to your smartphone -- or another device connected through the cloud -- could potentially access data from the app. The discovery comes from iOS researcher Jonathan Zdziarski, who shared the information in a blog post after discovering the potential security flaw in the latest version of WhatsApp (via The Verge).

Zdziarski tested out his theory by beginning a few chat threads, then archiving, clearing, and deleting them, but found that none of the app's deletion methods, even Clear All Chats, "made any difference in how deleted records were preserved." The central flaw appeared to be in the app's SQLite records, which retained the deleted chats in its database that could be accessed by a harmful individual with the right "popular forensics tools."

In his post, Zdziarski mentioned that the problem isn't unique to WhatsApp, and has even gone into detail about "forensic trace leakage" in Messages on iOS and OS X, and ways Apple could address such privacy issues, in a separate blog post. He explained succinctly that short-lived chats between friends and family using these apps are "not ephemeral on disk," which not only could be a cause for concern with users, but could allow law enforcement legal access to thought-to-be-deleted WhatsApp messages thanks to the lack of encrypted communication between WhatsApp and iCloud.

The core issue here is that ephemeral communication is not ephemeral on disk. This is a problem that Apple has struggled with as well, which I’ve explained and made design recommendations recently in this blog post.

Apple’s iMessage has this problem and it’s just as bad, if not worse. Your SMS.db is stored in an iCloud backup, but copies of it also exist on your iPad, your desktop, and anywhere else you receive iMessages. Deleted content also suffers the same fate.

All the same, Zdziarski caps his post by mentioning there's no reason for widespread panic to ignite because of the WhatsApp security flaw, mainly due to the fact that someone with malicious intent would need to jump through so many hoops to finally access the deleted messages. The iOS researcher stated that his purpose was for users to simply "be aware of WhatsApp’s footprint." He also gives a few options for users looking to mitigate the issue, including periodically deleting WhatsApp "to flush out the database," disabling iCloud backups, and avoiding the storage of backup passwords in Apple's keychain.

Earlier in the year, Apple reiterated its intent to double down on user privacy and safety within its iCloud platform. Currently, encrypted data saved in iCloud is accessible by Apple with a key, which grants it access to accounts for assistive purposes, like if someone forgets their password. However, with the steadily growing data amassing in users' iCloud accounts -- from texts to pictures and personal health data -- Apple is looking to provide end-to-end encryption in its cloud-based storage platform, meaning not even the company itself could gain access to the accounts of its users even if it wanted to.

Check out Zdziarski's blog post for more details on the issue.

Top Rated Comments

LordQ Avatar
112 months ago
Whatsapp is a Facebook-owned company so yeah, security flaw.

Score: 9 Votes (Like | Disagree)
fabiopigi Avatar
112 months ago
You know, the sad thing is, most commenters only read "WhatsApp, security flaw", but the problem is no spefici to Whatsapp, but the SQLite database.

Jonathan even wrote the same flaw exists in iMessage as well. But no... "it's facebook", "iMessage is better", "Don't trust facebook". Yeah there are valid arguments for all these claims, but this security leak is none of them.

Read the whole article at least before you foolishly bash another company.
Score: 7 Votes (Like | Disagree)
Oblivious.Robot Avatar
112 months ago
If only more people in my circle used Telegram over WhatsApp.

Even though I have to say, iMessage is still my favourite among the ones who own Apple devices, and I seem to talk to them more than the others. :D
Score: 3 Votes (Like | Disagree)
KALLT Avatar
112 months ago
It is just a systemic problem with databases in general. Programmers do not always contemplate or implement operations that remove entries from databases, sometimes because the data model is just not build that way. As a user, you almost never know how data is stored and how the application or websites handles deletion requests.

For real security, use open source. Signal or Telegram.
Avoid Telegram. Their encryption scheme is home-brewed and a few flaws have already been found, their server-side source code is closed-sourced and their company structure is dubious with a web of shell companies in jurisdictions that do not disclose full details. There is ample to find about Telegram that should make you sceptical, at least if you intend to use Telegram under the assumption that it offers ‘real security’.

Signal and Threema are definitely the more serious contenders.
Score: 2 Votes (Like | Disagree)
bushido Avatar
112 months ago
Whatsapp is a Facebook-owned company so yeah, security flaw.

"Zdziarski mentioned that the problem isn't unique to WhatsApp, and has even gone into detail about "forensic trace leakage" in Messages on iOS and OS X"
Score: 2 Votes (Like | Disagree)
Altis Avatar
112 months ago
You know, the sad thing is, most commenters only read "WhatsApp, security flaw", but the problem is no spefici to Whatsapp, but the SQLite database.

Jonathan even wrote the same flaw exists in iMessage as well. But no... "it's facebook", "iMessage is better", "Don't trust facebook". Yeah there are valid arguments for all these claims, but this security leak is none of them.

Read the whole article at least before you foolishly bash another company.
This particular security flaw isn't specific to Whatsapp, but Facebook owning Whatsapp should tell you what level of privacy and security to expect of it.

iMessage still requires an actual intrusion.
Score: 1 Votes (Like | Disagree)

Popular Stories

iPhone SE 4 Thumb 1

'New' iPhone SE Product Listing Appears on French Website

Wednesday February 12, 2025 6:49 am PST by
As the wait continues for Apple's long-rumored, fourth-generation iPhone SE, French electronics retailer Boulanger has prematurely published a product listing for a "new" model of the iPhone SE. The placeholder page says the device is "coming soon," but it offers no further information, and the price shown is obviously not real. The listing was spotted by a reader of the French technology...
apple launch feb 2025 alt

What to Expect From the 'Apple Launch' Next Week

Thursday February 13, 2025 11:48 am PST by
Apple has yet to announce any new devices this year, but that could change starting next week. Apple CEO Tim Cook today said to "get ready" for a "launch" on Wednesday, February 19. "Get ready to meet the newest member of the family," said Cook, in a social media post. The post includes an #AppleLaunch hashtag, along with a short video featuring an animated Apple logo inside of a circle....
apple launch feb 2025

Tim Cook Teases an 'Apple Launch' Next Wednesday

Thursday February 13, 2025 8:07 am PST by
In a social media post today, Apple CEO Tim Cook teased an upcoming "launch" of some kind scheduled for Wednesday, February 19. "Get ready to meet the newest member of the family," he said, with an #AppleLaunch hashtag. The post includes a short video with an animated Apple logo inside a circle. Cook did not provide an exact time for the launch, or share any other specific details, so...
m2 macbook air blue

M4 MacBook Air Release Continues to Appear Imminent

Monday February 10, 2025 10:56 am PST by
There continue to be signs of a new MacBook Air with an M4 chip, indicating that we could see the machine launch in the not too distant future. A private account on X today shared the identifiers that the MacBook Air will use, and those identifiers correspond to the M4 chip. According to the source, both the 13-inch MacBook Air and the 15-inch MacBook Air will be equipped with Apple's...
oppo find n5 fingers

World's Thinnest Foldable Phone Launches Next Week

Monday February 10, 2025 3:05 am PST by
Oppo has confirmed a February 20 global launch for its Find N5, which the company claims is the world's thinnest device in the foldable phone category. The phone is expected to be re-branded as the OnePlus Open 2 in the US. The Chinese vendor has been teasing the device in the last few weeks, touting its waterproofing and nearly invisible display crease, and highlighting its thinness by compa...
iPhone 17 Pro Render Front Page Tech

iPhone 17 Pro With All-New Camera Bar Design Allegedly Revealed

Thursday February 13, 2025 5:49 pm PST by
Apple's next-generation iPhone 17 Pro will feature three rear cameras arranged in a familiar triangular layout, but the cameras will be housed in an all-new rectangular camera bar with rounded corners, according to YouTube channel Front Page Tech. iPhone 17 Pro camera design render created by Asher for Front Page Tech In a video uploaded today, Front Page Tech host Jon Prosser said the camera ...
watchOS 11 Thumb 2 1

Apple Releases watchOS 11.3.1

Monday February 10, 2025 10:04 am PST by
Apple today released watchOS 11.3.1, a minor update to the operating system that runs on the Apple Watch. watchOS 11.3.1 is compatible with the Apple Watch Series 6 and later, all Apple Watch Ultra models, and the Apple Watch SE 2. watchOS 11.3.1 can be downloaded by opening up the Apple Watch app and going to General > Software Update. To install the new software, the Apple Watch needs to...
M4 mini Glowing Blue

Apple Begins Selling Refurbished M4 Macs

Wednesday February 12, 2025 11:35 am PST by
Apple today added MacBook Pro and Mac mini models with M4 series chips to its certified refurbished store in the United States, Canada, the United Kingdom, and Ireland for the first time since the computers were introduced in October 2024. Some refurbished MacBook Pro models with M4 chips are also available in Belgium, Germany, the Netherlands, Spain, and select other European countries. ...
sequoia

Apple Releases macOS Sequoia 15.3.1

Monday February 10, 2025 10:11 am PST by
Apple today released macOS Sequoia 15.3.1, a minor update to the macOS Sequoia operating system that came out last September. macOS 15.3.1 comes a few weeks after the launch of macOS Sequoia 15.3. Mac users can download the ‌‌‌macOS Sequoia‌‌‌ update through the Software Update section of System Settings. Apple has also released macOS 13.7.4 and macOS 14.7.4 for those who are...