iOS researcher Jonathan Zdziarski has discovered a potential security flaw in the iOS version of the popular third-party chat app WhatsApp. According to the researcher, WhatsApp does not fully delete chat logs even after the user has explicitly deleted them. Instead, the app retains a “forensic trace” of the chat logs that can be a trove of information for anyone with the skills to access it.
Zdziarski tested his theory by starting a few chat threads, then archiving, clearing, and deleting them, but found that none of the app’s deletion methods, even Clear All Chats, “made any difference in how deleted records were preserved.” The central flaw appeared to be in the app’s SQLite database, which retained the deleted chats in records that a malicious individual could access with the right “popular forensics tools.”
The only way to completely get rid of these chat logs is to delete WhatsApp completely from the device.
The researcher says this is a common problem with any application that uses SQLite as its database. In fact, even Apple’s own iMessage has this problem. Signal is the only chat messaging app that leaves no such trace.
Apple’s iMessage has this problem and it’s just as bad, if not worse. Your SMS.db is stored in an iCloud backup, but copies of it also exist on your iPad, your desktop, and anywhere else you receive iMessages. Deleted content also suffers the same fate.
This is not a serious security breach by any means, but if you are paranoid about your privacy and data, you can disable iCloud backups, periodically delete WhatsApp from your device and reinstall it, and ultimately hope and wait for a fix from WhatsApp.
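The SQLite behaviour described above can be reproduced on any machine. The following is an added example, not code from the researcher or from WhatsApp: it deletes every row from a constructed table and then scans the raw database file for the deleted text, with SQLite's secure_delete pragma off, with it on, and after a VACUUM. The table name, file name and marker string are assumptions made for the demonstration and do not reflect WhatsApp's actual schema.

```python
import os
import sqlite3
import tempfile

# Constructed marker standing in for a chat message body.
MARKER = b"constructed-chat-message-7f3a"


def residue_after_delete(secure_delete: bool, vacuum: bool = False) -> bool:
    """Create a chat table, delete every row, and report whether the
    deleted message bytes can still be found in the raw database file."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "chat.sqlite")  # hypothetical file name
        con = sqlite3.connect(path, isolation_level=None)  # explicit transactions
        # Set the pragma explicitly: some SQLite builds default it to ON.
        con.execute(f"PRAGMA secure_delete = {'ON' if secure_delete else 'OFF'}")
        con.execute("CREATE TABLE messages (id INTEGER PRIMARY KEY, body TEXT)")
        con.execute("BEGIN")
        con.executemany(
            "INSERT INTO messages (body) VALUES (?)",
            [(f"{MARKER.decode()} #{i}",) for i in range(200)],
        )
        con.execute("COMMIT")
        # Equivalent of clearing all chats: no query returns the rows any more.
        con.execute("DELETE FROM messages")
        assert con.execute("SELECT COUNT(*) FROM messages").fetchone()[0] == 0
        if vacuum:
            con.execute("VACUUM")  # rebuilds the file without the freed pages
        con.close()
        # Read the file the way a forensic tool would: as raw bytes.
        with open(path, "rb") as fh:
            return MARKER in fh.read()


if __name__ == "__main__":
    print("secure_delete=OFF          :", residue_after_delete(False))
    print("secure_delete=ON           :", residue_after_delete(True))
    print("secure_delete=OFF + VACUUM :", residue_after_delete(False, vacuum=True))
```

Both mitigations act only on the live database file; a copy of the file that was already captured in a backup keeps whatever it contained at the time.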