Hi, question about WhatsApp server and deleted message data retention

[InvertedGoldfish]

I use WhatsApp so this concerned me and thought I’d ask here

Recently read a sad story of a crazy ex pushing her ex boyfriend to take his own life, bad news
The reason I post this is due to how the state made their case, seems WhatsApp servers are maintained even after account deletion, plus the old messages appear to be retrievable even after deletion

Any thoughts on this?

Thanks

 

[Mr_Brightside_@]

It doesn't look like anyone here knows. Contact WhatsApp directly.

 

[InvertedGoldfish]

It doesn't look like anyone here knows. Contact WhatsApp directly.

Yeah, they don’t seem to want to answer that question lol

 

[Mr_Brightside_@]

You have seen this?

Information for Law Enforcement Authorities | WhatsApp Help Center

faq.whatsapp.com

 

[InvertedGoldfish]

You have seen this?

Information for Law Enforcement Authorities | WhatsApp Help Center

faq.whatsapp.com

Niiiice

I had not, thanks

“We do not retain data for law enforcement purposes unless we receive a valid preservation request before a user has deleted that content from our service”

How’s that even possible with REAL end to end encryption?

What a load of BS!

Gotta love sleezy marketing, guess the truth is on page 3 million in 3 point front on some “privacy policy”



Well that’s that for WhatsApp, what’s a good alternate with real privacy and security for message groups
signal?
Session?

 

[chown33]

The affidavit you posted states at the end of paragraph 2:

The messages discussed herein between REUTSCH and METZGER were found on REUTSCH'S cellphone.

So the answer to "How's that even possible" is that the data exists in unencrypted (cleartext) form on the phone of each participant. If this weren't so, then the participant would be unable to read the message.

From there, the cleartext data must be handled the same way you would treat erasing data from a computer with an unencrypted disk. That is, simply deleting an app or a file is insufficient. One must wipe the free-space of the storage completely. Even then, there's a possibility that data could linger, but it would take a significant effort to look for that lingering data and extract it.

WhatsApp's servers will always have cleartext representations of message metadata, such as who sent a message to whom, what time, and possibly size. All the metadata must be in cleartext on the server, because the server needs to read the data in order to perform delivery. If the metadata were encrypted, the server couldn't deliver messages.

 

[InvertedGoldfish]

The affidavit you posted states at the end of paragraph 2:

So the answer to "How's that even possible" is that the data exists in unencrypted (cleartext) form on the phone of each participant. If this weren't so, then the participant would be unable to read the message.

From there, the cleartext data must be handled the same way you would treat erasing data from a computer with an unencrypted disk. That is, simply deleting an app or a file is insufficient. One must wipe the free-space of the storage completely. Even then, there's a possibility that data could linger, but it would take a significant effort to look for that lingering data and extract it.

WhatsApp's servers will always have cleartext representations of message metadata, such as who sent a message to whom, what time, and possibly size. All the metadata must be in cleartext on the server, because the server needs to read the data in order to perform delivery. If the metadata were encrypted, the server couldn't deliver messages.

If it was just on the phone how do you explain the subpoena for the server records in WhatsApp own statement that they can monitor and archive if requested, if it’s true end to end their archives would be useless without the key

 

[chown33]

You can choose to believe what you wish about whether it's truly end-to-end or not. I have no opinion either way. I'm simply treating it as if it were E2E, and pointing out issues I see.

Recarding the statement in the affidavit: I suspect a sworn affidavit misrepresenting the source of data would count as perjury, and disqualify the collected evidence in some jurisdictions.

The WhatsApp page for law enforcement doesn't detail what data is available for collection. The paragraphs starting "In the ordinary course of providing our service ..." describe some info, including repeating that the messages are E2E encrypted, but the list doesn't seem comprehensive to me.

If WhatsApp monitors messages, I read that as keeping a record of message metadata: dates, times, participants, sizes, IP addresses, and anything else that happens to be kept in cleartext form. That would presumably include info about the account itself.

Archiving encrypted messages might be useful if the encryption key can be extracted from a participant's device. Apparently, the on-device security handling is a bit cavalier (in my opinion), otherwise cleartext messages stored on-device would be unretrievable, because they'd be overwritten on storage, or never stored at all in cleartext form. The statement in the affidavit suggests to me that WhatsApp's on-device cleartext security handling could be improved.

 

[InvertedGoldfish]

You can choose to believe what you wish about whether it's truly end-to-end or not. I have no opinion either way. I'm simply treating it as if it were E2E, and pointing out issues I see.

Recarding the statement in the affidavit: I suspect a sworn affidavit misrepresenting the source of data would count as perjury, and disqualify the collected evidence in some jurisdictions.

The WhatsApp page for law enforcement doesn't detail what data is available for collection. The paragraphs starting "In the ordinary course of providing our service ..." describe some info, including repeating that the messages are E2E encrypted, but the list doesn't seem comprehensive to me.

If WhatsApp monitors messages, I read that as keeping a record of message metadata: dates, times, participants, sizes, IP addresses, and anything else that happens to be kept in cleartext form. That would presumably include info about the account itself.

Archiving encrypted messages might be useful if the encryption key can be extracted from a participant's device. Apparently, the on-device security handling is a bit cavalier (in my opinion), otherwise cleartext messages stored on-device would be unretrievable, because they'd be overwritten on storage, or never stored at all in cleartext form. The statement in the affidavit suggests to me that WhatsApp's on-device cleartext security handling could be improved.

I agree

I also think a zero logging policy is the best policy if you’re selling your software as private