Security researcher discovers that Facebook-owned WhatsApp isn’t fully deleting users’ messages
The popular cross-platform messaging app WhatsApp isn’t fully deleting user-deleted messages from its servers. This was discovered by an independent iOS researcher, Jonathan Zdziarski. Over a billion people use WhatsApp, mostly in developing nations like India, China, and Brazil. They have come to trust WhatsApp with privacy and security issues ever since it enabled end-to-end encryption this April.
Explaining his findings in a post today, Zdziarski stated that the software retains and stores forensic traces of chat logs even after the chats had been deleted by the WhatsApp users. Zdziarski said that this would create a potential treasure trove of information for anyone with physical access to the device. The same data could also be recoverable through any remote backup systems in place.
Normally, when a WhatsApp user deletes a particular message or chat, the data is deleted from within the app. But because it has not been overwritten, it is still recoverable through forensic tools. Zdziarski attributed the problem to the SQLite library used in coding the app, which does not overwrite by default.
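The SQLite behaviour described above can be reproduced on a scratch database. The Python below is an added example, not code from Zdziarski's post or from WhatsApp; the table name, file name and message are constructed, and it sets PRAGMA secure_delete explicitly because some SQLite builds change the default at compile time.

```python
import os
import sqlite3
import tempfile

# Constructed sample message, used only to search the raw file afterwards.
SECRET = "constructed sample: meet at the north gate at 9"


def delete_and_inspect(secure_delete: bool) -> tuple[bool, bool]:
    """Delete one row, then report (visible_via_sql, bytes_still_in_file)."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "chat.db")  # hypothetical file name
        con = sqlite3.connect(path)
        # Upstream SQLite defaults to OFF (freed space is not overwritten).
        mode = "ON" if secure_delete else "OFF"
        con.execute(f"PRAGMA secure_delete = {mode}")
        con.execute("CREATE TABLE messages (id INTEGER PRIMARY KEY, body TEXT)")
        con.executemany(
            "INSERT INTO messages (body) VALUES (?)",
            [("hello",), (SECRET,), ("bye",)],
        )
        con.commit()

        # The "user deletes a message" step.
        con.execute("DELETE FROM messages WHERE body = ?", (SECRET,))
        con.commit()

        # What the app sees: is the row still returned by a query?
        row = con.execute(
            "SELECT COUNT(*) FROM messages WHERE body = ?", (SECRET,)
        ).fetchone()
        visible = row[0] > 0
        con.close()

        # What a forensic tool sees: the raw bytes of the database file.
        with open(path, "rb") as fh:
            on_disk = SECRET.encode("utf-8") in fh.read()
        return visible, on_disk


if __name__ == "__main__":
    for flag in (False, True):
        visible, on_disk = delete_and_inspect(flag)
        print(f"secure_delete={flag}: visible_in_sql={visible}, bytes_on_disk={on_disk}")
```

With secure_delete OFF the message no longer appears in query results but its bytes are still in the file; with it ON the freed space is zeroed. Neither setting affects copies already captured in a backup.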
Remember, WhatsApp’s end-to-end encryption protects user data only in transit, preventing ISPs, hackers, and others from snooping on the users’ conversation as it travels across the network.
Zdziarski’s findings deal with what happens to that data after it reaches the phone, particularly when it’s stored on the phone’s local disk drive or remote iCloud storage. WhatsApp messages are backed up by iCloud without hard encryption, so the finding means police could obtain clear records of conversations through a court order, even if the conversation had been deleted within the app.
“The core issue here is that ephemeral communication is not ephemeral on disk,” Zdziarski wrote in the post.
Source: Techworm.net