We are all guilty of sending messages, especially media files to someone on WhatsApp who shouldn’t look at them. Luckily, WhatsApp introduced the ‘Delete for Everyone’ feature that allows us to “unsend” or delete our mistakes. But did you know that this potentially ‘life-saving’ feature contains an unpatched privacy bug that leaves many of its iPhone users with a false sense of privacy?
According to a recent discovery by Shitesh Sachan, an application security consultant, the WhatsApp ‘Delete for Everyone’ feature doesn’t delete media files that are sent to iPhone users. In fact, TheHackerNews who first reported the story, claims that the media files are saved on the recipient’s iOS Camera Roll even if they are deleted from the WhatsApp’s chat screen. This means that even if the sender “deletes the media for everyone”, the files remain in the recipient’s device memory, and is not automatically deleted as it happens on Android and this will allow the recipient to view media sent if they go to the Camera Roll folder.
Earlier this week, a similar flaw was also discovered in the Telegram messenger app, however, the company patched the flaw immediately. However, in the case of WhatsApp, the company refused to address the problem at Sachan’s request. In fact, WhatsApp claimed that they cannot give any guarantee that the media file or the media message deleted using the ‘Delete for Everyone’ feature will be removed permanently from the device. Responding to TheHackerNews WhatsApp’s security team said:
The functionality provided via “Delete for Everyone” is intended to delete the message and there is no guarantee that the media (or message) will be permanently deleted—the implementation focuses around the message presence in WhatsApp.
This is a serious flaw that undermines the privacy of WhatsApp users, who are mistakenly made to think that the message has been deleted for everyone. And what’s even scary is that WhatsApp hasn’t even promised to fix this flaw. So you need to be extra careful before you send media via WhatsApp to an iPhone user because there’s no guarantee that they won’t be able to see the media you mistakenly sent them and you didn’t want them to view.
Quick NetOne, Telecel, Africom, And Econet Airtime Recharge
If anything goes wrong, click here to enter your query.