2

Suppose I have a very simply notes app that does not use iCloud. All it does is simply save strings of plain text to files and retrieve them.

How securely is the data associated to the app (the text files) on the actual phone disk deleted when deleting the app? For example: by holding on the app icon and deleting it vs. formatting the whole iPhone.

Can it be recovered with special software/hardware?

wajakaf447
  • 21
  • Do the security requirements change between the time a user actively uses your app and the time it is deleted? – nohillside Feb 03 '20 at 12:54
  • What do you mean by security requirements exactly? – wajakaf447 Feb 03 '20 at 14:24
  • Why do you wonder whether the data gets deleted securely? If data security is important, shouldn‘t it already be an issue while the app is installed? And if it isn‘t while it is installed, why does it matter afterwards? – nohillside Feb 03 '20 at 14:36
  • I'm just simplifying the example there. It's in a particular use case where the app is used once to generate some data, and then immediately uninstalled. The app locally saves the data in case it needs to be retrieved, which is what I want to avoid by deleting it. – wajakaf447 Feb 03 '20 at 14:44
  • Are you asking because you're developing the app, because you have a question about a specific app or just a general broad question? Because right now, the answer to the question as written is "It depends on how data storage was implemented and how the uninstall process removes its files" – Allan Feb 03 '20 at 19:31

1 Answers1

1

Assuming you're not talking about a very old iPhone (i.e. iPhone 5 or older), then every file created by any app is actually encrypted on disk. The plain text content is not stored on disk at any time.

In addition, every file is encrypted with a unique key - i.e. there's a seperate key for each file. The key for the file is stored alongside the encrypted file contents, but encrypted with a so called "class key" (depending on the settings in the app). This is the foundation of the key hierarchy in Apple's "Data Protection" scheme.

When you delete an app manually, all the files stored locally by that app are deleted. This deletion of each individual file is actually done by simply deleting the per-file key. This makes it possible to delete even very large files quickly and securely at the same time.

jksoegaard
  • 77,783