Whatsapp, being one of the popular third-party chat app after convincing the users in terms of security purpose by providing End-to-End encryption in their platform, it is now working on an application which would be able to recover the deleted data via a remote backup system, an iOS researcher Jonathan Zdziarski has revealed.
Zdziarski said that the messages either individual or group, when deleted from the account leaves a forensic trace of the data. He initiated his testing with a few chat threads, archiving it, clearing and then deleting it and concluded that none of the methods could remove the data permanently for the phone. He discovered that for recovery purpose one should either have a physical access to the gadget or from remote backups.
He pointed a flaw in the SQLite records of the application that retains the deleted chats in the database which could be easily accessed by an individual for the wrong purpose under the right “popular forensic tools.”
Previously, many privacy advocates have praised the End-to-end encryption of the Whatsapp. But, this encryption is only in working state when data is being transferred, keeping safe from the other carriers and other intermediaries from intercepting on user’s chats while data is moving over the network. The findings from Zdziarski manages with what occurs when the data got on the phone, saved on the device and on the cloud as a backup. He says that cloud backups are not stored with the encryption and the intermediaries can get clear records of the chats by easily registering for a court order.
Zdziarski said on his blog post, “Apple’s iMessage has this problem and it’s just as bad, if not worse. Your SMS.db is stored in an iCloud backup, but copies of it also exist on your iPad, your desktop, and anywhere else you receive iMessages. Deleted content also suffers the same fate.”