whatsappPopular third-party chat app WhatsApp is leaving a "forensic trace" of every supposedly deleted chat log, meaning anyone with access to your smartphone -- or another device connected through the cloud -- could potentially access data from the app. The discovery comes from iOS researcher Jonathan Zdziarski, who shared the information in a blog post after discovering the potential security flaw in the latest version of WhatsApp (via The Verge).

Zdziarski tested out his theory by beginning a few chat threads, then archiving, clearing, and deleting them, but found that none of the app's deletion methods, even Clear All Chats, "made any difference in how deleted records were preserved." The central flaw appeared to be in the app's SQLite records, which retained the deleted chats in its database that could be accessed by a harmful individual with the right "popular forensics tools."

In his post, Zdziarski mentioned that the problem isn't unique to WhatsApp, and has even gone into detail about "forensic trace leakage" in Messages on iOS and OS X, and ways Apple could address such privacy issues, in a separate blog post. He explained succinctly that short-lived chats between friends and family using these apps are "not ephemeral on disk," which not only could be a cause for concern with users, but could allow law enforcement legal access to thought-to-be-deleted WhatsApp messages thanks to the lack of encrypted communication between WhatsApp and iCloud.

The core issue here is that ephemeral communication is not ephemeral on disk. This is a problem that Apple has struggled with as well, which I’ve explained and made design recommendations recently in this blog post.

Apple’s iMessage has this problem and it’s just as bad, if not worse. Your SMS.db is stored in an iCloud backup, but copies of it also exist on your iPad, your desktop, and anywhere else you receive iMessages. Deleted content also suffers the same fate.

All the same, Zdziarski caps his post by mentioning there's no reason for widespread panic to ignite because of the WhatsApp security flaw, mainly due to the fact that someone with malicious intent would need to jump through so many hoops to finally access the deleted messages. The iOS researcher stated that his purpose was for users to simply "be aware of WhatsApp’s footprint." He also gives a few options for users looking to mitigate the issue, including periodically deleting WhatsApp "to flush out the database," disabling iCloud backups, and avoiding the storage of backup passwords in Apple's keychain.

Earlier in the year, Apple reiterated its intent to double down on user privacy and safety within its iCloud platform. Currently, encrypted data saved in iCloud is accessible by Apple with a key, which grants it access to accounts for assistive purposes, like if someone forgets their password. However, with the steadily growing data amassing in users' iCloud accounts -- from texts to pictures and personal health data -- Apple is looking to provide end-to-end encryption in its cloud-based storage platform, meaning not even the company itself could gain access to the accounts of its users even if it wanted to.

Check out Zdziarski's blog post for more details on the issue.

Top Rated Comments

LordQ Avatar
65 months ago
Whatsapp is a Facebook-owned company so yeah, security flaw.

Score: 9 Votes (Like | Disagree)
fabiopigi Avatar
65 months ago
You know, the sad thing is, most commenters only read "WhatsApp, security flaw", but the problem is no spefici to Whatsapp, but the SQLite database.

Jonathan even wrote the same flaw exists in iMessage as well. But no... "it's facebook", "iMessage is better", "Don't trust facebook". Yeah there are valid arguments for all these claims, but this security leak is none of them.

Read the whole article at least before you foolishly bash another company.
Score: 7 Votes (Like | Disagree)
Oblivious.Robot Avatar
65 months ago
If only more people in my circle used Telegram over WhatsApp.

Even though I have to say, iMessage is still my favourite among the ones who own Apple devices, and I seem to talk to them more than the others. :D
Score: 3 Votes (Like | Disagree)
KALLT Avatar
65 months ago
It is just a systemic problem with databases in general. Programmers do not always contemplate or implement operations that remove entries from databases, sometimes because the data model is just not build that way. As a user, you almost never know how data is stored and how the application or websites handles deletion requests.

For real security, use open source. Signal or Telegram.
Avoid Telegram. Their encryption scheme is home-brewed and a few flaws have already been found, their server-side source code is closed-sourced and their company structure is dubious with a web of shell companies in jurisdictions that do not disclose full details. There is ample to find about Telegram that should make you sceptical, at least if you intend to use Telegram under the assumption that it offers ‘real security’.

Signal and Threema are definitely the more serious contenders.
Score: 2 Votes (Like | Disagree)
bushido Avatar
65 months ago
Whatsapp is a Facebook-owned company so yeah, security flaw.

"Zdziarski mentioned that the problem isn't unique to WhatsApp, and has even gone into detail about "forensic trace leakage" in Messages on iOS and OS X"
Score: 2 Votes (Like | Disagree)
Altis Avatar
65 months ago
You know, the sad thing is, most commenters only read "WhatsApp, security flaw", but the problem is no spefici to Whatsapp, but the SQLite database.

Jonathan even wrote the same flaw exists in iMessage as well. But no... "it's facebook", "iMessage is better", "Don't trust facebook". Yeah there are valid arguments for all these claims, but this security leak is none of them.

Read the whole article at least before you foolishly bash another company.
This particular security flaw isn't specific to Whatsapp, but Facebook owning Whatsapp should tell you what level of privacy and security to expect of it.

iMessage still requires an actual intrusion.
Score: 1 Votes (Like | Disagree)

Top Stories

nothing ear 1 buds 1

Nothing 'Ear (1)' True Wireless Earbuds Launch to Take on AirPods Pro With ANC and Unusual Design for $99

Tuesday July 27, 2021 7:57 am PDT by
Nothing, a new brand from OnePlus founder Carl Pei, has today officially launched the "Ear (1)" true wireless earbuds after months of anticipation around the company's AirPods Pro rival. The Ear (1) features an in-ear design, Active Noise Cancelation, Bluetooth 5.2, IPX4 water resistance, and a charging case with Qi-compatible wireless charging and a USB-C port. Fast pairing is supported on...
iOS 14 on iPhone feature emergency

Apple Releases iOS and iPadOS 14.7.1 With Fix for Touch ID Apple Watch Bug

Monday July 26, 2021 9:48 am PDT by
Apple today released iOS and iPadOS 14.7.1, minor bug fix updates that come just a week after the release of iOS 14.7, software that introduced new Apple Card features and support for the MagSafe Battery Pack. The iOS and iPadOS 14.7.1 updates can be downloaded for free and the software is available on all eligible devices over-the-air in the Settings app. To access the new software, go to...
iPad mini pro feature 2

iPad Mini 6 to Feature 8.3-Inch Display With No Home Button and Narrower Bezels

Monday July 26, 2021 12:26 pm PDT by
The sixth-generation iPad mini that's in the works will have an 8.3-inch display, according to display analyst Ross Young. That will be larger than the current 7.9-inch display, with the larger size due to the removal of the Home button and a narrower bezel design. Rumors about the iPad mini 6 have been picking up in recent weeks ahead of its prospective launch this fall. Apple analyst...
iphone 12 pro gold

Report: iPhone 14 Pro Models to Feature Tough Titanium Alloy Chassis

Monday July 26, 2021 1:12 am PDT by
Next year's "iPhone 14" series is expected to feature high-end models with a new titanium alloy chassis design, claims a new investors report by JP Morgan Chase. According to the report, the use of titanium alloy will be one of the biggest changes to the case design in the 2022 iPhone series, and Foxconn will be the exclusive manufacturer of the titanium frames for the high-end models....
iOS 15 General Feature Purple

Everything New in iOS 15 Beta 4: Safari Tweaks, MagSafe Battery Pack Support, Notification Updates and More

Tuesday July 27, 2021 11:47 am PDT by
Apple today released the fourth betas of iOS 15 and iPadOS 15, introducing additional refinements to the new features that are coming in the software updates. In these betas, Apple has introduced changes for Safari, Notifications, Focus mode, and more. Safari Updates Apple is continuing to refine the design of Safari on the iPhone, and in iOS 15, there are tweaks to improve usability. ...
apple mac business page

Apple Shares 11 Reasons Why Business Users Should Choose Macs

Monday July 26, 2021 11:35 am PDT by
Apple today updated its Apple at Work website with a new section dedicated to the Mac, which offers up 11 reasons why "Mac means business." On the webpage, Apple highlights the M1 chip as the number one reason why business users should choose a Mac, offering up an M1 overview [PDF] that explains the benefits of the M1 chip. The information isn't new, but it does provide a look at all of...
imac with accessories

Larger Redesigned High-End iMac Rumored to Launch Next Year

Monday July 26, 2021 3:45 am PDT by
Apple's larger redesigned iMac will arrive sometime in 2022 rather than later this year, according to the leaker known as "Dylandkt." On Twitter, Dylandkt claimed that Apple's "high end iMac" is not expected to release in the fourth quarter of 2021 alongside Apple's "M1X Macs" – a reference to Apple's redesigned MacBook Pro models – because "Apple simply does not want their devices to...
General iOS 14

iOS 14.7.1 and macOS Big Sur 11.5.1 Patch Security Vulnerability That May Have Been Actively Exploited

Monday July 26, 2021 11:55 am PDT by
Apple today released unexpected iOS 14.7.1 and iPadOS 14.7.1 updates to the public, and according to a newly released support document, the software addresses a serious security vulnerability that may have been exploited in the wild. Apple says that an application may have been able to execute arbitrary code with kernel privileges due to a memory corruption issue. "Apple is aware of a report ...
apple bitcoin hack

Is Apple Really Buying Bitcoin?

Monday July 26, 2021 3:07 am PDT by
A large number of websites and posts on social media are stoking rumors that Apple has purchased $2.5 billion worth of bitcoin in the company's first move into cryptocurrency, but is there any validity to the claims? Many people are citing the fact that Apple was looking for a Business Development Manager with experience in alternative payments, including cryptocurrency, earlier this year as ...
new m1 chip

Tim Cook on Apple Deciding to Manufacture Components: 'We Ask Ourselves If We Can Do Something Better'

Tuesday July 27, 2021 3:04 pm PDT by
During today's earnings call for the third fiscal quarter of 2021 (second calendar quarter), Apple CEO Tim Cook was asked how Apple decides what components to purchase and what components to develop, and Cook said that Apple asks if it can be done better. We ask ourselves if we can do something better. If we can deliver a better product. If we can buy something in the market and it's great...