Slashdot Mirror

← Back to Stories (view on slashdot.org)

WhatsApp Isn't Fully Deleting Its 'Deleted' Chats (theverge.com)

Posted by msmash on from the security-blues dept.

Facebook-owned messaging app WhatsApp retains and stores chat logs even after those messages have been deleted, according to iOS researcher Jonathan Zdziarski. The Verge reports: Examining disk images taken from the most recent version of the app, Zdziarski found that the software retains and stores a forensic trace of the chat logs even after the chats have been deleted, creating a potential treasure trove of information for anyone with physical access to the device. The same data could also be recoverable through any remote backup systems in place. In most cases, the data is marked as deleted by the app itself -- but because it has not been overwritten, it is still recoverable through forensic tools. Zdziarski attributed the problem to the SQLite library used in coding the app, which does not overwrite by default. WhatsApp was applauded by many privacy advocates for switching to default end-to-end encryption through the Signal protocol, a process that completed this April. But that system only protects data in transit, preventing carriers and other intermediaries from spying on conversations as they travel across the network.

5 of 60 comments (clear)

  1. Not a SQLite problem by QuietLagoon · · Score: 5, Insightful

    ...Zdziarski attributed the problem to the SQLite library used in coding the app, which does not overwrite by default. ...

    That's not the root cause.

    The root cause is the programmer who used SQLite and did not know that SQLite did not fully delete, or did know but did not care.

    SQLite will only do what it is told to do by the programmer.

    1. Re:Not a SQLite problem by DRichardHipp · · Score: 4, Informative

      In SQLite, you can do "PRAGMA secure_delete=ON;" and it will subsequently overwrite all deleted information with zeros. This is turned off by default because it does more disk I/O. Alternatively, one can run "VACUUM" at any time to ensure that all deleted content has been purged from the database file.

  2. Fail is another 4 letter word by BoRegardless · · Score: 4, Insightful

    How can a company declare a product "secure" when obviously no security audit was done?

    If WhatsApp merely stated that in transit is encrypted, but data on your phone is open to discovery, even if deleted, at least they would have been honest.

  3. Alternate Headline by Tyrannosaur · · Score: 4, Insightful

    A better headline would be "WhatsApp Isn't Securely Deleting Its 'Deleted' Chats"

    Most file systems don't overwrite deleted data until the space is needed again. This is expected behavior.

    Of course, this is a flaw that should be fixed- especially that any backups would be able to see everything- but this doesn't look to be a "backdoor" or anything nefarious in WhatsApp.

  4. Flash! by sanf780 · · Score: 4, Interesting

    So the solution is to hammer the non volatile storage with over 38 writes so that nobody can recover your joke of the day, am I wrong?
    At some stage you need to balance convenience and security.