Apple patches bug that let FBI access deleted Signal messages

Apple has patched a security vulnerability that allowed the FBI to view deleted content from the encrypted messaging app Signal.

In a post to its website on Wednesday, Apple said it had fixed a bug that allowed notifications marked for deletion to be “unexpectedly retained on the device.”

The flaw — first revealed by 404 Media earlier this month — allowed the FBI to forensically extract copies of incoming Signal messages from an iPhone even after its owner had deleted the app.

Unknown to users, copies of the messages were being saved in the iPhone’s push notification database. The flaw only affected iPhone and iPad users who enabled push notifications on Signal that included the content of messages.

The issue emerged in the FBI’s investigation of purported Antifa operatives who were accused of vandalizing an ICE facility and shooting fireworks at a police officer in Alvarado, Texas, last July 4.

A federal jury convicted nine people in March on charges that included providing material support to terrorists and attempted murder. During the trial, prosecutors introduced numerous messages that the defendants had sent using the encrypted messaging app.

In a statement on X, Signal applauded Apple’s actions and told iOS users that “all inadvertently preserved notifications will be deleted and no forthcoming notifications will be preserved for deleted applications.”

It’s unclear how long the bug had been known to law enforcement and whether attempts to extract Signal messages were made in other investigations.

Although the issue has been fixed, iPhone users can still choose to stop notifications from displaying certain information. To do so, users can click their profile picture in Signal, select “Notifications,” go to “Show” and select either “Name only” or “No name or message.”

The Electronic Frontier Foundation (EFF), a nonprofit organization focused on digital civil liberties, has urged people with privacy and security concerns to “reconsider whether any app should be sending you notifications to begin with.”

“For most app notifications, there’s no simple way to easily figure out what metadata might be gleaned from a notification, or if the notification is unencrypted or not,” the EFF said.

The Freedom of the Press Foundation also maintains a guide on further locking down Signal.

Ella Rae Greene, Editor In Chief
