Chat freelist

11-Apr-2016 12:36

A security researcher is warning Whats App users that their chats can be retrieved even after they have been deleted, cleared, or archived.

Jonathan Zdziarski says that even using the 'Clear All Chats' option leaves behind a 'forensic trace'.

Sorry, folks, while experts are saying the encryption checks out in Whats App, it looks like the latest version of the app tested leaves forensic trace of all of your chats, even after you’ve deleted, cleared, or archived them… In fact, the only way to get rid of them appears to be to delete the app entirely.

If you delete large chunks of messages at once, this causes large chunks of records to end up on this “free list”, and ultimately takes even longer for data to be overwritten by new data.

The core issue here is that ephemeral communication is not ephemeral on disk.

This is a problem that Apple has struggled with as well, which I’ve explained and made design recommendations recently in this blog post.

Apple’s i Message has this problem and it’s just as bad, if not worse.There is no guarantee the data will be overwritten by the next set of messages.