Did you think that deleting those WhatsApp gossip sessions made them disappear forever? Think again.
According to iOS researcher Jonathan Zdziarski, the conversations you have on WhatsApp may not be as private as the app led you to believe.
In a recent blog post, Zdziarski revealed that the messenger platform leaves plenty of digital traces when you delete your messages. This comes after the company launched end-to-end encryption in April, meaning private messaging for all users.
While WhatsApp never claimed that the messages are self-destructing, it did say in its update description that “Deleted messages are permanently deleted from your phone.”
His blog post is not at all encouraging for WhatsApp users:
“Sorry, folks, while experts are saying the encryption checks out in WhatsApp, it looks like the latest version of the app tested leaves forensic trace of all of your chats, even after you’ve deleted, cleared, or archived them… even if you “Clear All Chats.” In fact, the only way to get rid of them appears to be to delete the app entirely.”
However, Zdziarski did explain that it didn’t seem that the company was intentionally retaining the data. His tests on cleared, deleted, and archived conversations showed that the data behaved exactly the same in each case.
In other words, forensic information of the message you sent or received remains on your phone. With this data, your deleted messages can be recovered and reconstructed, Zdziarski added.
iOS users worry about WhatsApp encryption
This report is even more worrying as the iOS researcher found that other iPhone apps behave this way. If you lost your phone, your messages could be restored, even those sent over iMessage. Digital traces remain on every device you have accessed your iMessages on.
So what can iOS users do to gain extra privacy of their messages? According to Zdziarski, they could start by setting up a really strong password on their phones.
Then, he recommends disabling the iCloud backup – this feature does not fall under the encryption standards. Lastly, he believes periodical deletion of the app from the device is a good extra measure that helps clear out the message data completely.