WhatsApp Retains Deleted Messages On the Device, Research Reveals

The privacy of your private messages is supposedly on risk after Mr. Zdziarski, a security researcher reveals that WhatsApp doesn't actually delete the messages that are sent to Archive by the user. The researcher says WhatsApp stores a forensic trace of each conversion being held on an Apple device whether they are saved, archived or deleted.  It indicates that your chat doesn't disappear from the device and is still present in your phone even though u have deleted it, and as a result anyone who has access to your device can reconstruct that trace into its original form.

Recently, the app was updated with an end-to-end encryption which aimed at users' privacy and security. This takes care of the data being disappeared traveled among multiple devices so that conversation remain secured and private between the users. The new feature made the users to expect their private chats being disappeared from a device when they send it to archive or delete the entire message history. However, the research now unveils that a memory of all conversations is retained onto the phone and can be recovered through forensic tools.

Zdziarski said it's usually not a big deal to check with privacy on the phone as it can still be manageable to preserve removed data on a secure mobile but it is indeed seriously dangerous when your data comes out of the mobile as happening with WhatsApp database. He continued saying that WhatsApp is stored in an unencrypted form on your device and backs up all the chats including deleted ones to iCloud. This storing is done whether the iCloud sync is enabled or not. Since this is not encrypted, it doesn’t only let the third party access all data but also anyone having a laptop associated with the device can access the conversation, especially if the mobile has no password saved to protect its backup data.

According to Zdziarski, you can only delete your WhatsApp messages permanently by deleting the entire application. He requested software developers to look into the matter when design new applications. He says they must consider forensic trace for such kind of mobile applications. It is vital to take care of this sensitive aspect when designing a secure messaging app as a poor design could pose critical impact on innocent people. On the other hand, Facebook has also compiled the list of 70 percent of requests that are made to access the data from UK Government including WhatsApp messages.

Revealing on other applications, Zdziarski said WhatsApp is not the only app that is storing deleted messages on the device as iMessages is also leaving piles of information in your mobile’s memory. The researcher advised messaging users to avoid leaving anything virtually on their mobile phone. He also said he has observed ‘Wickr’ is the only messaging app today which is using a better version of encryption that ultimately ensures more secure conversations between the devices. Zdziarski hopes for other messaging applications to follow in the footstep of ‘Wickr’ messaging application to enhance their encryption. 

No comments:

'; (function() { var dsq = document.createElement('script'); dsq.type = 'text/javascript'; dsq.async = true; dsq.src = '//' + disqus_shortname + '.disqus.com/embed.js'; (document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq); })();
Powered by Blogger.