If you’re looking for fully encrypted chat apps, then WhatsApp is one app to consider. Installed by more than one billion users, the app offers end-to-end encryption, which means that nobody can access your chat and call history without having access to your device. However, a security researcher discovered that WhatsApp doesn’t protect your privacy as well when it comes to deleted chats or chats that were backed up. While that sounds like a bad thing, meaning that anyone could theoretically access them (again, physical access to your device is still needed), you shouldn’t freak out about it just yet.
Analyzing the app, iOS researcher Jonathan Zdziarski found that deleting chats isn’t enough to protect your privacy. The app leaves a forensic trace of those logs, which can be turned into a goldmine by someone with the proper knowledge.
The app doesn’t overwrite records that have been deleted, so someone could salvage chats and extract information from a device, as long as that someone obtains access to the device in question.
“The core issue here is that ephemeral communication is not ephemeral on disk,” the researcher notes, reminding readers that Apple’s iMessage has the same problem. So don’t think that WhatsApp is the only one that “does” it.
Signal, however, an encrypted chat app whose protocol is also used by WhatsApp, doesn’t leave such forensic traces behind, and other apps have ways to minimize their forensic footprint.
Another problem with WhatsApp chats is backups, especially iPhone backups made over iCloud, which can’t be encrypted. That means law enforcement could extract WhatsApp data from iCloud backups if it needed to. The backup could also contain the deleted chats mentioned above.
Again, most WhatsApp users shouldn’t even worry about these findings. But if you regularly talk about sensitive matters over WhatsApp, then you should consider taking some steps to prevent unwanted snooping.
First of all, you should not use iCloud to back up the iPhone. Instead, use a computer, and encrypt your backups. You should also delete WhatsApp from your device once in a while, to flush the database, and remove the deleted records for good.
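As an added illustration (not from the article or from Zdziarski’s post), the Python sketch below reproduces the "deleted but not overwritten" behavior and the database flush described above, assuming the chat store is a SQLite database, which the article does not state. The table, file and function names are hypothetical, and the `secure_delete` pragma and `VACUUM` shown are SQLite features that go beyond the article’s own advice.

```python
import os
import sqlite3
import tempfile

# Constructed sample message; not taken from any real chat.
MARKER = "constructed-private-message-4711"

def delete_message(path, secure_delete, vacuum=False):
    """Create a small message table, delete one row, return matching rows left."""
    con = sqlite3.connect(path)
    # Set explicitly: some SQLite builds default to secure_delete=ON.
    con.execute("PRAGMA secure_delete = " + ("ON" if secure_delete else "OFF"))
    con.execute("CREATE TABLE messages (id INTEGER PRIMARY KEY, body TEXT)")
    rows = [("filler %d" % i,) for i in range(20)] + [(MARKER,)]
    con.executemany("INSERT INTO messages (body) VALUES (?)", rows)
    con.commit()
    con.execute("DELETE FROM messages WHERE body = ?", (MARKER,))
    con.commit()
    if vacuum:
        con.execute("VACUUM")  # rebuilds the file, dropping freed space
    remaining = con.execute(
        "SELECT COUNT(*) FROM messages WHERE body = ?", (MARKER,)).fetchone()[0]
    con.close()
    return remaining

def marker_on_disk(path):
    """True if the deleted message's bytes are still in the database file."""
    with open(path, "rb") as fh:
        return MARKER.encode() in fh.read()

def run_demo():
    """Return {case: (rows still matching, bytes still in file)}."""
    results = {}
    cases = {"default_delete": (False, False),
             "secure_delete": (True, False),
             "delete_then_vacuum": (False, True)}
    with tempfile.TemporaryDirectory() as tmp:
        for name, (secure, vacuum) in cases.items():
            path = os.path.join(tmp, name + ".sqlite")
            remaining = delete_message(path, secure, vacuum)
            results[name] = (remaining, marker_on_disk(path))
    return results

if __name__ == "__main__":
    for name, (remaining, on_disk) in run_demo().items():
        print(f"{name}: rows matching={remaining}, bytes still in file={on_disk}")
```

In every case the row is gone as far as queries are concerned; only the plain delete leaves the message text recoverable from the raw file.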
WhatsApp might fix this problem itself in the future. Meanwhile, Zdziarski’s full blog post on the matter has the details.