That, of course, wasn’t enough to put everyone’s mind at ease, which is why security researchers at Synactiv (via Bleeping Computer) reversed engineered iOS 17.5.1, the update that was released to fix the issue that popped up after iOS 17.5 was rolled out.
The researchers used an iPhone 13 to compare the changes made between the two updates.
The analysts discovered that Apple had removed a routine that was tasked with scanning and re-importing photos from the filesystem. As a result, old files on the local file systems were reindexed and added back to galleries.
In short, the photos that people thought they had deleted but were still on the filesystems were found by a migration routine that was added in iOS 17.5.
With iOS 17.5.1, the filesystem scanning routine was removed to prevent deleted images stored outside of the photo library from showing up again. The researchers also discovered that Apple did nothing to delete the imported photos from the library or permanently remove the so-called deleted images lying on the filesystem.
The only solace here is that Apple isn’t saving deleted photos in a remote server without your knowledge and this also doesn’t seem like a backdoor that was built into the system.
The question then remains: what were deleted photos still doing in the filesystem despite Apple’s claim that files that you delete linger in the system for 30 days before being permanently removed.
So while you may think a photo has been deleted, chances are that the Files app still has a copy of it.