Wow, was that ever a thin soup article. Starts out with WA and ends with a sentence about iMessage "leaves a lot of data" but no details (I thought iMessage data at rest in iOS is encrypted- smith the article said WA messages are not.)
Jonathan Zdziarski [www.
zdziarski.com/blog/] had reported on the Messages issue about a year ago or so. Press just really didn't pick it up then. And considering that I filed the bug reports that underlaid the issue back on iOS 5.something… well, that should give you some idea where Apple is on SecDev.
Basically, the Messages DB doesn't vacuum correctly. I don't know WHY, I don't have the code. All I knew is I had a client who could search for words in "deleted" messages and see those messages in search results. Think sexting. Which meant the messages were still in the Messages DB, and still being indexed, even if Messages․app wasn't displaying them. It wasn't until after the iOS 5 jailbreak shipped that I was able to confirm it and push Apple more. By that time, the user had gone to iOS 6 because Apple Support told them it fixed the issue (and I lost the ability to jailbreak to check). Only iOS 6 didn't fix the issue, it just seemed to hide it for a bit (I'm guessing the indexes got wiped, took a while to re-index). What Zdziarski's research then revealed was a) Apple wasn't encrypting the Messages.db on the phone and that you could grab the Messages db out of an iTunes backup same as it was on the phone. So, by iOS 7 and before any jailbreaks I was able to file more bugs because the lack of vacuuming wasn't only an information leak (data that the user wanted deleted was not being deleted), it also had a side-effect of ballooning the Messages DB over a prolonged period of time (say for a user who had never Restored to Factory, and kept updating from iOS 3 to iOS 7) which then negatively impacted iCloud backup storage or even ability (the Messages DB cannot be manually vacuumed or reset from iOS, so if the bug caused old messages and thought-deleted conversation attachments to build up, which then are to be backed up, causing iCloud Backups to fail because the whole mess of unwanted data is greater than 5GB).
Zdziarski seemed to insinuate that it was rather likely that Apple wasn't fixing the issue because it benefitted Law Enforcement. Doesn't make much sense otherwise. In fact, in newer versions of the Messages DB, Apple changed how Deleted Messages are handled, moving them to an entirely different Table in the database, likely so they aren't indexed (triggering my first bug report). Very fishy.
That's the CliffsNotes.
(Oh, and I should note: this is still going on, although I haven't tested under iOS10, and includes deleted pictures. You'd be astounded what sometimes can be found in an unencrypted iTunes backup that users SWEAR they had deleted, and Messages․app shows--or rather doesn't, by not *showing* the messages--they are honest.)
((And having now just double-checked, my initial bug reports were closed with the "Engineering is aware of the issue and is tracking" dodge. Again, FISHY.))