whatsappPopular third-party chat app WhatsApp is leaving a "forensic trace" of every supposedly deleted chat log, meaning anyone with access to your smartphone -- or another device connected through the cloud -- could potentially access data from the app. The discovery comes from iOS researcher Jonathan Zdziarski, who shared the information in a blog post after discovering the potential security flaw in the latest version of WhatsApp (via The Verge).

Zdziarski tested out his theory by beginning a few chat threads, then archiving, clearing, and deleting them, but found that none of the app's deletion methods, even Clear All Chats, "made any difference in how deleted records were preserved." The central flaw appeared to be in the app's SQLite records, which retained the deleted chats in its database that could be accessed by a harmful individual with the right "popular forensics tools."

In his post, Zdziarski mentioned that the problem isn't unique to WhatsApp, and has even gone into detail about "forensic trace leakage" in Messages on iOS and OS X, and ways Apple could address such privacy issues, in a separate blog post. He explained succinctly that short-lived chats between friends and family using these apps are "not ephemeral on disk," which not only could be a cause for concern with users, but could allow law enforcement legal access to thought-to-be-deleted WhatsApp messages thanks to the lack of encrypted communication between WhatsApp and iCloud.

The core issue here is that ephemeral communication is not ephemeral on disk. This is a problem that Apple has struggled with as well, which I’ve explained and made design recommendations recently in this blog post.

Apple’s iMessage has this problem and it’s just as bad, if not worse. Your SMS.db is stored in an iCloud backup, but copies of it also exist on your iPad, your desktop, and anywhere else you receive iMessages. Deleted content also suffers the same fate.

All the same, Zdziarski caps his post by mentioning there's no reason for widespread panic to ignite because of the WhatsApp security flaw, mainly due to the fact that someone with malicious intent would need to jump through so many hoops to finally access the deleted messages. The iOS researcher stated that his purpose was for users to simply "be aware of WhatsApp’s footprint." He also gives a few options for users looking to mitigate the issue, including periodically deleting WhatsApp "to flush out the database," disabling iCloud backups, and avoiding the storage of backup passwords in Apple's keychain.

Earlier in the year, Apple reiterated its intent to double down on user privacy and safety within its iCloud platform. Currently, encrypted data saved in iCloud is accessible by Apple with a key, which grants it access to accounts for assistive purposes, like if someone forgets their password. However, with the steadily growing data amassing in users' iCloud accounts -- from texts to pictures and personal health data -- Apple is looking to provide end-to-end encryption in its cloud-based storage platform, meaning not even the company itself could gain access to the accounts of its users even if it wanted to.

Check out Zdziarski's blog post for more details on the issue.

Top Rated Comments

LordQ Avatar
62 months ago
Whatsapp is a Facebook-owned company so yeah, security flaw.

Score: 9 Votes (Like | Disagree)
fabiopigi Avatar
62 months ago
You know, the sad thing is, most commenters only read "WhatsApp, security flaw", but the problem is no spefici to Whatsapp, but the SQLite database.

Jonathan even wrote the same flaw exists in iMessage as well. But no... "it's facebook", "iMessage is better", "Don't trust facebook". Yeah there are valid arguments for all these claims, but this security leak is none of them.

Read the whole article at least before you foolishly bash another company.
Score: 7 Votes (Like | Disagree)
Oblivious.Robot Avatar
62 months ago
If only more people in my circle used Telegram over WhatsApp.

Even though I have to say, iMessage is still my favourite among the ones who own Apple devices, and I seem to talk to them more than the others. :D
Score: 3 Votes (Like | Disagree)
KALLT Avatar
62 months ago
It is just a systemic problem with databases in general. Programmers do not always contemplate or implement operations that remove entries from databases, sometimes because the data model is just not build that way. As a user, you almost never know how data is stored and how the application or websites handles deletion requests.

For real security, use open source. Signal or Telegram.
Avoid Telegram. Their encryption scheme is home-brewed and a few flaws have already been found, their server-side source code is closed-sourced and their company structure is dubious with a web of shell companies in jurisdictions that do not disclose full details. There is ample to find about Telegram that should make you sceptical, at least if you intend to use Telegram under the assumption that it offers ‘real security’.

Signal and Threema are definitely the more serious contenders.
Score: 2 Votes (Like | Disagree)
bushido Avatar
62 months ago
Whatsapp is a Facebook-owned company so yeah, security flaw.

"Zdziarski mentioned that the problem isn't unique to WhatsApp, and has even gone into detail about "forensic trace leakage" in Messages on iOS and OS X"
Score: 2 Votes (Like | Disagree)
Altis Avatar
62 months ago
You know, the sad thing is, most commenters only read "WhatsApp, security flaw", but the problem is no spefici to Whatsapp, but the SQLite database.

Jonathan even wrote the same flaw exists in iMessage as well. But no... "it's facebook", "iMessage is better", "Don't trust facebook". Yeah there are valid arguments for all these claims, but this security leak is none of them.

Read the whole article at least before you foolishly bash another company.
This particular security flaw isn't specific to Whatsapp, but Facebook owning Whatsapp should tell you what level of privacy and security to expect of it.

iMessage still requires an actual intrusion.
Score: 1 Votes (Like | Disagree)

Top Stories

april 2021 event coverage feature

Apple Event Live Coverage: New iPads, AirTags, and More Expected [Event Over]

Tuesday April 20, 2021 9:07 am PDT by
Apple's virtual "Spring Loaded" event kicks off today at 10:00 a.m. Pacific Time, with Apple expected to debut updated iPad models and perhaps some other hardware such as AirTags or iMac models based on Apple silicon. Apple is providing a live video stream on its website, on YouTube, and in the company's TV app across its platforms. We will also be updating this article with live blog...
m1 imac colors

Apple Announces Redesigned iMac With M1 Chip and Seven Color Options

Tuesday April 20, 2021 10:22 am PDT by
Apple has announced a new, redesigned 24-inch iMac, featuring an M1 chip, a 4.5K display, and a range of color options, as well as an improved cooling system, front-facing camera, speaker system, microphones, power connector, and peripherals. The new iMac features a completely new compact design, and comes in a range of seven striking colors, including green, yellow, orange, pink, purple,...
Ports 2021 MacBook Pro Mockup Feature 1 copy

Stolen MacBook Pro Schematics Confirm Apple's Plans to Add More Ports and Remove Touch Bar

Wednesday April 21, 2021 10:31 am PDT by
Schematics stolen from Apple supplier Quanta Computer outline Apple's plans for the next-generation MacBook Pro models that are expected in 2021, and clearly confirm plans for additional ports and a return to MagSafe. MacRumors saw the schematics after they were leaked online, and some of them feature the logic board of the next-generation MacBook Pro. On the right side of the machine,...
iphone 12 preorder purple

Apple Launching iPhone 12 and 12 Mini in New Purple Color on April 30

Tuesday April 20, 2021 10:08 am PDT by
Apple today announced that the iPhone 12 and iPhone 12 mini will be available in a new purple color starting April 30, with pre-orders starting this Friday. Apple is also releasing a new MagSafe Leather Case and Leather Sleeve in Deep Violet, a Silicone Case in Capri Blue, Pistachio, Cantaloupe, or Amethyst, and a Leather Wallet in Arizona, all available to order beginning today. iPhone...
13 inch macbook pro m1

14-Inch and 16-Inch MacBook Pro Models With XDR Displays Expected to Launch Later This Year

Wednesday April 21, 2021 7:08 am PDT by
Apple yesterday unveiled a new 12.9-inch iPad Pro with a Liquid Retina XDR display that uses mini-LED backlighting to achieve up to 1,000 nits of full-screen brightness and up to 1,600 nits of peak brightness. With over 10,000 mini‑LEDs grouped into more than 2,500 local dimming zones, the display also has an impressive 1,000,000:1 contrast ratio. Apple has so far branded its mini-LED...
14

Apple Says iOS 14.5 Will Be Released 'Next Week'

Tuesday April 20, 2021 11:08 am PDT by
Apple today in a press release about its new AirTag item tracker announced that iOS 14.5 and iPadOS 14.5 will be available starting "next week." iOS 14.5 and iPadOS 14.5 are packed with new features, including the ability for iPhone users who are wearing an Apple Watch to unlock the iPhone with Face ID while wearing a mask. iOS 14.5 and iPadOS 14.5 will also be the minimum software versions...
ipad pro with m1 chip

Apple Introduces Next-Generation iPad Pro With M1 Chip, Thunderbolt, 5G, XDR Display, and More

Tuesday April 20, 2021 10:40 am PDT by
Apple today announced the next-generation iPad Pro with the same M1 chip found in the latest Macs, Thunderbolt and USB4 support, 5G connectivity on cellular models with mmWave support in the United States, and more. With an 8-core CPU and 8-core GPU, Apple says the M1 chip in the new iPad Pro provides up to 50% faster performance and up to 40% faster graphics compared to the A12Z Bionic chip ...
f1618938547

Apple Announces AirTag Tracking Devices Starting At $29 Each

Tuesday April 20, 2021 10:10 am PDT by
Apple today announced AirTag, a Tile-like Bluetooth tracking device that's designed to be attached to items like keys and wallets for tracking purposes, letting you find them right in the Find My app. AirTags are accessories for attaching to backpacks, luggage, and other items. Any U1 device like the iPhone 12 can be used for precision finding to guide you right to the item you're looking...
airtag engraving 69

Apple Tries to Limit Offensive AirTag Engravings... With Mixed Results

Wednesday April 21, 2021 3:16 am PDT by
Apple's AirTag item trackers can be custom-engraved using text, numbers, and even emoji, but users looking to express some college humor will likely need to look elsewhere, because Apple's online AirTag personalization tool is easily offended. An AirTag is just big enough to fit up to four characters or up to three emoji. That might seem just enough to get dubiously creative with your...
maxresdefault

Apple Event 2021: Everything Apple Announced at Its 'Spring Loaded' Event in Just 6 Minutes

Tuesday April 20, 2021 4:23 pm PDT by
Apple today held its first event of 2021, and it was one of the most exciting events that we've seen in some time. Apple announced a whole slew of new products, including an M1 iMac, an M1 iPad Pro, a refreshed 4K Apple TV, and the long-awaited AirTags. Subscribe to the MacRumors YouTube channel for more videos. It took Apple an hour to introduce all of the new devices during its virtual...