Apple stops weirdly storing data that let cops spy on Signal chats

quamquam quid loquor

Ars Praefectus
3,008
Subscriptor++
Last year, Apple caved to legal demands that “gave governments data on thousands of push notifications,” 404 Media reported.
Was this an oversight or an intentional backdoor? Feels like Apple should have been aware of this behavior by law enforcement for a long time; without 404 Media's reporting I don't think this would have been patched.
 
38 (73 / -35)

isagalaev

Seniorius Lurkius
35
Subscriptor
Vulnerable users hoping to evade law enforcement surveillance often use encrypted apps like Signal to communicate sensitive information.
Regular users hoping to normalize privacy-preserving technologies use encrypted apps like Signal to communicate completely innocuous information.

/FTFY
 
273 (274 / -1)

fonix232

Wise, Aged Ars Veteran
123
Was this an oversight or an intentional backdoor? Feels like Apple should have been aware of this behavior by law enforcement for a long time; without 404 Media's reporting I don't think this would have been patched.
Push notifications can (or rather, past tense, could) be retrieved from two locations:

  • the push servers themselves (as they log any and all notifications going through)
  • the device's own push database (which should only store push notifications that haven't been actioned upon, i.e. the app hasn't received them yet)

Apple patched an issue with the latter. The core difference is, the police/FBI needs no warrant to search a device, whereas they do need one to get data from Apple.

Also, key information here: a push notification isn't really a notification in the sense of the user seeing an alert from an app. It's a message delivered (pushed) to the app, instead of the app constantly polling a server for updates. This message can be literally anything: an actual notification of new messages (or rather, the actual messages delivered to the app, one per PN), a signal for the app to check for updates, and so on - it's up to the developer to decide what data to push through. So not all PNs from Signal would necessarily be actionable by the user (actionable here means that an actual notification, an alert banner the user can tap, appears).
 
70 (71 / -1)

markgo

Ars Praefectus
3,923
Subscriptor++

Apple stops weirdly storing data that let cops spy on Signal chats


“Weirdly”? It was a logging bug, one of the most common info leak sources in all of software. And push notifications explicitly involve sending notification content to Apple.

Apple not only fixed it immediately, it backported hotfixes to OS versions no longer actively supported.

Sure, it’s a bad bug, but you can’t claim it’s weird or say there’s anything more Apple could have done in response.
 
135 (143 / -8)

Cloudgazer

Ars Legatus Legionis
18,910
56 (57 / -1)

fazalmajid

Ars Praetorian
493
Subscriptor++
“Weirdly”? It was a logging bug, one of the most common info leak sources in all of software. And push notifications explicitly involve sending notification content to Apple.

No. The push notification just tells Signal there is new content. Signal connects, gets the message using e2ee (so Apple can't see it), then uses system APIs to display the cleartext message in notifications. That's where the leak occurred. The OS had no business logging these in the first place, unless this has something to do with Apple Intelligence.
 
44 (53 / -9)

kaya3

Smack-Fu Master, in training
3
Apple made headlines last year for pulling end-to-end encryption in the United Kingdom to avoid complying with a law that made it easier for government officials to spy on encrypted chats.

Do you mean to allege that Apple are not in fact complying with the law? AFAICT, the law says "if you do A then you must do B", Apple chose to not do A, which is one of two ways to comply with the law.
 
47 (50 / -3)

mikeschr

Ars Tribunus Militum
1,523
Subscriptor++
On Signal’s thread, however, users debated whether the update was sufficient, with some urging that best practice is likely still to disable message previews entirely to limit device access to sensitive chats.

This. The problem only occurred for people who had previews enabled. If your main concern is that your chat remains private, but you can see it in your notification, shouldn't you realize that the data is somewhere it shouldn't be? Same goes for emails, though of course they're not normally encrypted.

And it's true that the system shouldn't have logged the notifications, but people shouldn't have previews on if the info is that sensitive.
 
28 (31 / -3)

Mustachioed Copy Cat

Ars Praefectus
5,058
Subscriptor++
Regular users hoping to normalize privacy-preserving technologies use encrypted apps like Signal to communicate completely innocuous information.

/FTFY
People with fiduciary or confidentiality duties to respect need end to end encryption as part of any half-assed schema of compliance with their duties.
 
29 (29 / 0)

Got Nate?

Ars Scholae Palatinae
1,439
An easily exploitable vulnerability baked into iOS that goes beyond just Signal notifications is that messages will display a notification including partial text of the message on a locked device. This can completely defeat two factor authentication where a code is texted to the target user's device. Simply having access to the locked device allows an attacker to complete authentication.
iOS has a setting that requires an unlock before displaying the notification content. It should be on by default, but isn't. There are similar opt-in settings to require the phone to be unlocked before control center and Siri work.

Not only that, but Signal also has an opt-in setting before it donates plain-text to the notification system. The user had to turn this on in the first place before they were vulnerable.
 
28 (32 / -4)
iOS has a setting that requires an unlock before displaying the notification content. It should be on by default, but isn't. There are similar opt-in settings to require the phone to be unlocked before control center and Siri work.
Sure looks like it's the default

ios-notifications-default-show-unlocked.jpg
 
52 (52 / 0)

willdude

Ars Scholae Palatinae
778
This is tangentially related, but I'm always surprised how much of a notification you can see when you have "Show previews only when unlocked" enabled. I enabled this feature with the advent of the always on screen, because I'd often have to leave my phone at work somewhere and didn't want nosy coworkers reading my notifications.

Some apps, such as Messages or Gmail, will simply show placeholder text like "new message" without any sender details or subjects. On the other hand, WhatsApp will show the name of the sender and the title of the chat, so anyone who glances at my unattended phone's screen will see that I got a message from "Kayleigh" in the "My Secret Harem" chat (this is obviously a joke but you get the idea). It seems strange that there isn't a more uniform restriction on what can show in an app's notification preview when the phone is locked.
 
28 (28 / 0)
An easily exploitable vulnerability baked into iOS that goes beyond just Signal notifications is that messages will display a notification including partial text of the message on a locked device. This can completely defeat two factor authentication where a code is texted to the target user's device. Simply having access to the locked device allows an attacker to complete authentication.
This is incorrect.

When I cover the camera on my iPhone, the only thing that shows is that apps have notifications. You can change this, but if you're concerned about it, you won't, obviously. And if you don't want your lock screen showing that you have, say, Signal installed, you can turn off lock screen notifications for Signal or any other specific app (or just turn off lock screen notifications altogether).
 
12 (12 / 0)
I did Signal for a while to follow the Ukraine war. I quit after a month or two because I just didn't trust it.
Why not? I'm genuinely curious; someone I know personally also does not trust it, but the general consensus seems to be that it's as trustworthy as anything else out there, and more so than many.
 
33 (33 / 0)

auhim

Ars Scholae Palatinae
786
Subscriptor++
Relieved to see Apple's recent positive about-face on iOS 18 security updates has held. Like the previous iOS 18.7.7 this has been released as 18.7.8 to users who are choosing not to upgrade to iOS 26 despite support. (Before 18.7.7 Apple held a user-hostile stance that any devices which supported iOS 26 would have to upgrade major versions or remain insecure despite iOS 18 receiving the security updates on older devices.)
 
8 (8 / 0)

Drel

Wise, Aged Ars Veteran
147
Subscriptor++
Just a heads up to anyone updating to iOS 26.4.2; for the first time ever, this update failed on my iPhone 15 Pro, giving me a white screen with "Swipe Up to Recover" at the bottom.

I'm now waiting (looks to take at least 30 minutes), looking at a white screen with apple logo and progress bar with "Attempting Data Recovery" at the bottom. I'm hoping that I get a usable phone back sometime soon.
 
-3 (5 / -8)
If the FBI is willing to admit that this is how they got the data, I assume this means they have another backdoor. If this was the only backdoor, they wouldn't have admitted how, just "forensic expert" or some such.

You can’t introduce evidence in court without detailing how you acquired it. Court isn’t set up to accept “trust me bro” as a source citation.
 
28 (30 / -2)
No. The push notification just tells Signal there is new content. Signal connects, gets the message using e2ee (so Apple can't see it), then uses system APIs to display the cleartext message in notifications. That's where the leak occurred. The OS had no business logging these in the first place, unless this has something to do with Apple Intelligence.

It’s an iOS bug that was Apple’s fault, and they quickly fixed it, to their credit. I breathe a sigh of relief it hasn’t happened to me given I typically log everything when in development and it only takes one screwup to forget to build without logging.

And the real mistake was the terrible opsec practiced by the alleged “antifa” larpers. Never turn on previews, always keep your encrypted chats in their encrypted applications container.
 
6 (11 / -5)
No. The push notification just tells Signal there is new content. Signal connects, gets the message using e2ee (so Apple can't see it), then uses system APIs to display the cleartext message in notifications. That's where the leak occurred. The OS had no business logging these in the first place, unless this has something to do with Apple Intelligence.
This is still an absolutely ridiculous system, involving multiple certificate chains and many, many points of failure.
Looking at it from an email and XMPP (basically any federated service) point of view, it's not only ridiculous, but idiotic and malevolent.

You can't create an XMPP app without running proxy servers for notifications, because the notification servers are tied to your app, but the server the user chooses probably has no connection whatsoever to the app. Not sending content in the notification is a server-side toggle.
With email it's even worse. Try running your own server, no IMAP IDLE for you.
 
-11 (1 / -12)

crepuscularbrolly

Ars Tribunus Militum
1,875
Subscriptor++
Regular users hoping to normalize privacy-preserving technologies use encrypted apps like Signal to communicate completely innocuous information.

/FTFY
Exactly. The same reason we seal letters going via snail mail, and that tampering with mail is a federal crime.
 
17 (18 / -1)

Sonorous

Smack-Fu Master, in training
1
Somewhat defending Apple, a Bluesky user, “Coyote,” emphasized that Apple’s blog made it clear that it wasn’t a caching issue, but a logging issue.
Is that really a defense? It sounds much, much worse to me. What other user content does the device log, in the clear, potentially forever?
 
-14 (2 / -16)
“Weirdly”? It was a logging bug, one of the most common info leak sources in all of software. And push notifications explicitly involve sending notification content to Apple.

Apple not only fixed it immediately, it backported hotfixes to OS versions no longer actively supported.

Sure, it’s a bad bug, but you can’t claim it’s weird or say there’s anything more Apple could have done in response.

Weirdly you're probably right.
 
4 (5 / -1)

Francis Brand

Smack-Fu Master, in training
3
Subscriptor
It was more of a vibe, based on all the Russians on the system, and the periodic phishing messages I would get. It was probably better for my mental health anyway, as there were craploads of video of Russians being killed. Really gruesome stuff.
Isn’t Signal like WhatsApp in that you only message between people you know or groups you’ve signed up for? Whether there are lots of Russians, or anyone else, on it wouldn’t make any difference to one’s own experience surely? Like the previous poster, I’ve also got friends who don’t trust it - which I find odd - so trying to understand another’s perspective.
 
29 (29 / 0)

chris__

Wise, Aged Ars Veteran
160
Subscriptor
It was more of a vibe, based on all the Russians on the system, and the periodic phishing messages I would get. It was probably better for my mental health anyway, as there were craploads of video of Russians being killed. Really gruesome stuff.
Was that Telegram rather than Signal?
 
37 (37 / 0)
I've got some bad news for you.

Parallel construction still requires demonstrating a legal source for the evidence with a reasonable chain of evidence. It’s not “trust me bro”.

And the question here is why didn’t they use it here? Perhaps because parallel construction is difficult to achieve with hacked data?
 
9 (13 / -4)
Isn’t Signal like WhatsApp in that you only message between people you know or groups you’ve signed up for? Whether there are lots of Russians, or anyone else, on it wouldn’t make any difference to one’s own experience surely? Like the previous poster, I’ve also got friends who don’t trust it - which I find odd - so trying to understand another’s perspective.
Who can contact you on signal depends on your privacy settings. This has changed over time, but as I understand it, you can either be discoverable by phone number or by a unique username (and your phone number can be visible in your 'profile' or hidden).

Phone number is convenient, since then anyone with signal installed who has you in their contacts will be able to see that they can message you that way, otherwise they need your exact username.

But, the downside to that convenience is that it's easy for spammers and scammers to send you a message. I get a message every month or three, I assume from bots trying random numbers (surprisingly, I don't see this on WhatsApp or telegram, both of which I find dramatically less trustworthy than signal).

But, I imagine that if someone had relaxed privacy settings and was in some signal groups, they'd likely get more targeted/weird spam messages.
 
12 (12 / 0)