iMessage and WhatsApp security flaw means deleted chat logs aren’t really erased

BY • 7:20 AM, JULY 29, 2016

Your deleted chat logs could come back to haunt you.
Photo: Apple
WhatsApp and iMessage are both held up as examples of end-to-end encryption in action, but that encryption protects messages in transit, not the copies stored on your device, and there are still potential flaws there that can leave your data exposed.

As iOS researcher Jonathan Zdziarski has found, neither messaging service completely deletes messages when you erase them, meaning that a person with physical access to your phone, or to backups of its data in the cloud or on a computer, may be able to retrieve "deleted" conversations.

According to Zdziarski, the issue relates to the SQLite library the apps use to store their messages. As he writes:

“Forensic trace is common among any application that uses SQLite, because SQLite by default does not vacuum databases on iOS (likely in an effort to prevent wear). When a record is deleted, it is simply added to a ‘free list’, but free records do not get overwritten until later on when the database needs the extra storage (usually after many more records are created). If you delete large chunks of messages at once, this causes large chunks of records to end up on this ‘free list’, and ultimately takes even longer for data to be overwritten by new data.”
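To see the mechanism Zdziarski describes, here is an added example, written for this page rather than taken from Zdziarski's tooling or from either app. It builds a small SQLite database with a made-up chat schema, deletes most of its rows, and then scans the raw file bytes the way a forensic carver would. It also shows the two database-level remedies the quote alludes to: running VACUUM to rebuild the file, and setting PRAGMA secure_delete so freed bytes are zeroed at delete time. The schema, table name and SENTINEL-tagged message bodies are constructed for illustration and are not the real iMessage or WhatsApp schema.

```python
"""Why deleted SQLite rows survive on disk, and two ways to purge them.

Constructed example with a toy chat schema; it is not the real iMessage or
WhatsApp schema and not code from either app.
"""
import os
import sqlite3
import tempfile

# Constructed message bodies; the SENTINEL tags make them easy to carve.
MESSAGES = [
    "SENTINEL-0001 meet me at the usual place",
    "SENTINEL-0002 bring the paperwork",
    "SENTINEL-0003 delete this thread afterwards",
    "SENTINEL-0004 see you at noon",
]


def open_db(path, secure_delete=False):
    # Autocommit so each statement (including VACUUM) runs in its own transaction.
    conn = sqlite3.connect(path, isolation_level=None)
    # Set explicitly: upstream SQLite defaults to OFF unless built with SQLITE_SECURE_DELETE.
    conn.execute("PRAGMA secure_delete = " + ("ON" if secure_delete else "OFF"))
    return conn


def create_chat_db(path):
    """Populate a fresh database with the sample thread."""
    conn = open_db(path)
    conn.execute(
        "CREATE TABLE message (id INTEGER PRIMARY KEY, body TEXT NOT NULL, sent_at INTEGER NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO message (body, sent_at) VALUES (?, ?)",
        [(body, 1469800000 + i) for i, body in enumerate(MESSAGES)],
    )
    conn.close()


def delete_messages(path, keep_last, secure_delete=False):
    """Delete all but the newest `keep_last` rows, as a user clearing a thread would."""
    conn = open_db(path, secure_delete)
    conn.execute(
        "DELETE FROM message WHERE id NOT IN (SELECT id FROM message ORDER BY id DESC LIMIT ?)",
        (keep_last,),
    )
    conn.close()


def live_messages(path):
    """What the app sees: only rows SQLite still considers live."""
    conn = sqlite3.connect(path)
    rows = [row[0] for row in conn.execute("SELECT body FROM message ORDER BY id")]
    conn.close()
    return rows


def carve_messages(path):
    """What a carver sees: any sample body still present in the raw file bytes."""
    with open(path, "rb") as fh:
        raw = fh.read()
    return [body for body in MESSAGES if body.encode("utf-8") in raw]


def vacuum(path):
    """Rebuild the file from live rows only, discarding free-list contents."""
    conn = sqlite3.connect(path, isolation_level=None)
    conn.execute("VACUUM")
    conn.close()


def run_demo():
    """Compare recoverability under plain deletion, after VACUUM, and with secure_delete."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        default_db = os.path.join(tmp, "chat-default.db")
        create_chat_db(default_db)
        delete_messages(default_db, keep_last=1)
        results["default_live"] = live_messages(default_db)     # only the newest row
        results["default_carved"] = carve_messages(default_db)  # all four bodies still on disk

        vacuum(default_db)
        results["vacuum_carved"] = carve_messages(default_db)   # only the live row remains

        secure_db = os.path.join(tmp, "chat-secure.db")
        create_chat_db(secure_db)
        delete_messages(secure_db, keep_last=1, secure_delete=True)
        results["secure_live"] = live_messages(secure_db)
        results["secure_carved"] = carve_messages(secure_db)    # freed bytes were zeroed
    return results


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

Running run_demo() on a stock Python build recovers every deleted body from the first database while live_messages() reports only the one row the app would still show; after VACUUM, or with secure_delete on, only the live row is carvable. The scan covers only the main database file: a rollback journal, WAL file or backup taken before the deletion is a separate copy that neither remedy touches, which is why the backup advice further down matters.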

Extracting this data requires physical access to the device or to one of its backups, so most users have no reason to be too concerned, but Zdziarski all the same suggests configuring a strong backup password for your iPhone using iTunes, and not storing that password in Keychain.

It's also possible to disable iCloud backups. For WhatsApp, you can stop deleted chats being extracted by deleting the app every so often and then reinstalling it, which discards the old database along with the chat logs it still holds.
