The messaging service is efficient at encrypting messages in transit, but not as clever at managing those that have already arrived at their destination
A few months ago, WhatsApp's adoption of end-to-end encryption made headlines: since April, no one has been able to intercept ongoing conversations between users of the platform, not even WhatsApp itself.
Now a recent report published by forensic researcher Jonathan Zdziarski calls the entire security framework of the service into question: according to the evidence Zdziarski has collected, it seems that WhatsApp is unable to permanently delete messages once they reach the phone, not even when the user asks it to.
According to Zdziarski, at the time of deletion the software simply makes the messages disappear from the list of those visible in the app interface, without overwriting them to make them unrecoverable.
In principle, this behavior is common to almost all digital memory management algorithms: deleting data in this way takes much less time, and the burden of overwriting it is left to whatever information next occupies that space. An app that prides itself on security, however, should take care of this task itself: other messaging systems immediately overwrite deleted messages with random sequences of 0s and 1s to prevent their reconstruction even under forensic analysis; WhatsApp keeps these spaces nominally free but in reality still readable indefinitely.
In this way it is possible to recover messages already deleted from a smartphone, and in some cases there is no need even for physical access to the phone: in the iOS version of WhatsApp, for example, the (badly structured) databases even end up on remote servers via the iCloud backup feature.
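The difference between hiding a deleted message and overwriting it can be checked from the defender's side with a small test. The following is an added example, not code from WhatsApp or from Zdziarski's report: it assumes a SQLite store (the article only says "databases"), uses a constructed table, file name and messages, and relies on SQLite's `secure_delete` pragma, which overwrites freed content with zeros rather than random bits.

```python
import os
import sqlite3
import tempfile

# Constructed sample data; not taken from any real chat database.
MESSAGES = ["meet at noon", "SECRET-deleted-message-4711", "see you later"]
TARGET = MESSAGES[1]


def residue_after_delete(secure_delete: bool) -> bool:
    """Delete TARGET from a fresh database and report whether its bytes
    can still be found in the raw database file afterwards."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "chat.sqlite")  # hypothetical file name
        con = sqlite3.connect(path)
        # Set explicitly: some SQLite builds default this to ON.
        mode = "ON" if secure_delete else "OFF"
        con.execute(f"PRAGMA secure_delete = {mode}").fetchall()
        con.execute("CREATE TABLE message (id INTEGER PRIMARY KEY, body TEXT)")
        con.executemany("INSERT INTO message (body) VALUES (?)",
                        [(m,) for m in MESSAGES])
        con.commit()

        con.execute("DELETE FROM message WHERE body = ?", (TARGET,))
        con.commit()

        # App-level view: the row is gone in both modes.
        visible = [row[0] for row in con.execute("SELECT body FROM message")]
        assert TARGET not in visible
        con.close()

        # Forensic view: scan the file bytes, ignoring SQLite's structure.
        with open(path, "rb") as fh:
            raw = fh.read()
        return TARGET.encode("utf-8") in raw


if __name__ == "__main__":
    print("secure_delete=OFF, residue found:", residue_after_delete(False))
    print("secure_delete=ON,  residue found:", residue_after_delete(True))
```

The same byte-level scan applies to any copy of the file, which is why a backup taken after an unscrubbed deletion carries the residue with it.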