WhatsApp much-touted end-to-end encryption isn’t as effective as the company claims it is in keep your iPhone chat history private. Forensic scientist Jonathan Zdziarski recently published a post about the issue on his blog, claiming that the app retains conversations even after its been deleted.
According to Zdziarski’s research, WhatsApp stores a forensic trace of your chats. This means that anyone who gets their hands on your iPhone could potentially get access to your data. While the app is deleting the records, the record itself is still recoverable as it has not been erased from the database.
This basically means that WhatsApp is leaving behind a forensic footprint which can be recovered and reconstructed back to its original form. Other than being accessible via your phone, these artifacts also get uploaded to backups in iCloud and iTunes. The former is especially vulnerable since it doesn’t offer encryption tools like the latter does.
Also Read: WhatsApp gets voicemail, call back features
These iCloud backups leave you vulnerable to the police or government since they can demand a copy of your WhatsApp chats as evidence in a case. Brazil has been waging a months-long war against the app for this very reason, with the company stating that it doesn’t store data on its servers.
WhatsApp isn’t the only iOS app to suffer from this problem, as even Apple’s iMessage leaves forensic traces. As Zdziarski puts it, ephemeral communication is not ephemeral on disk. He recommends people either delete the app and reinstall it periodically, set an encryption password for iTunes backup, or disable iCloud.