New research now shows that WhatsApp is not as secure as many have thought because it still leaves traces of messages and conversation logs even after they have been deleted or cleared by the user.
WhatsApp was touted as one of the most secure messaging apps because of its end-to-end encryption that was just rolled out in April. It even became a problem with judges in Brazil who could not get what they want because the messages were not saved in WhatsApp servers.
While that may not be the case, the app is still unsecure in some form as security experts discovered that skilled hackers can still salvage data from the deleted files. Security researcher Jonathan Zdziarski found out that the deleted messages from WhatsApp still left forensic traces which can still be used to be put back together in a readable form, Forbes has learned.
The main problem as Zdziarski put it is the SQLite library that is being used by WhatsApp does not overwrite by default. Traces of the files can still be recovered to their original form which makes deleting them ultimately useless.
Blancco Technology Group CTO Richard Stiennon said that the average consumer does not really know that deleting something on their smartphone or computers does not mean that it is completely destroyed. In order to destroy the data definitely, the files should be overwritten by 1s and 0s for several loops.
Zdziarksi said that WhatsAPp users can completely destroy their chat logs and messages by uninstalling the app itself, TechCrunch reported. In fact, he recommends that users should uninstall the app once in a while and just reinstall it again just to make sure that their conversations and messages are destroyed.
If a hacker gets a hold of the deleted but not destroyed data, they can still be recovered. Sensitive messages could be used to blackmail users into paying money similar to ransomware attacks.
Facebook has not officially commented on the WhatsApp discovery yet and it is unclear how it would affect their relationship once again with law enforcement authorities in Brazil. For now, WhatsApp users can still rest easy knowing that they can just uninstall the app and install it again to clear their logs.