I do use Signal, certainly don't have my messages displayed on the Lock Screen.

But to understand, IF someone has them on the lock screen, deletes the App even, they were subsequently accessible to the FBI (in this case) retrospectively? Just because they appeared on the Lock Screen prior?
Yes. They used notification previews, they deleted the app, the app data is gone forever, but the system-managed database kept the notification previews. Now the system will presumably clean up the database more, or at the least make sure deleted apps get fully deleted. It’s potentially just a logging database and even when you clear old notifications this DB retains entries.
 
Yes. They used notification previews, they deleted the app, the app data is gone forever, but the system-managed database kept the notification previews. Now the system will presumably clean up the database more, or at the least make sure deleted apps get fully deleted. It’s potentially just a logging database and even when you clear old notifications this DB retains entries.
I understood it correctly then. Thank you for confirming and explaining what exactly happened under the hood with this issue.
 
No, Signal was using OS-provided Notification APIs, which had the flaw. This would affect all apps, and is a notable "uh-oh" moment for Apple. They failed to catch this during testing of how closely iOS adheres to their promise of privacy.
Notable? I guess cause it was used in a high profile way. But temporarily caching user data isn’t a flaw so much as a normal practice that was abused by law enforcement after they had gained access to the device.

Good on Apple for clearing the database in a more timely manner.
 
Anyone remember that Apple never deleted photos that were deleted and people could just recover them?

This is the same code that they said “fixed”.

A post earlier of mine which described these codes being deliberately not recoded for some agencies.

This is another proof.
 
Notable? I guess cause it was used in a high profile way. But temporarily caching user data isn’t a flaw so much as a normal practice that was abused by law enforcement after they had gained access to the device.

Good on Apple for clearing the database in a more timely manner.

Caching isn't the flaw... how the caching/logging was done was the flaw.

It's like handing out a photocopy of your banking info, which itself is securely stored in a safe. The photocopy is not.
 
“You shouldn’t change your behavior because a government agency somewhere is doing the wrong thing. If we sacrifice our values because we’re afraid, we don’t care about those values very much.”
― Edward Snowden
Well said. While I don’t deny that sometimes sacrifice must be made, the very fact that things can be sacrificed means that there is the possibility that those things aren’t as important as we claimed them to be.

This also reminds me why “ultimate sacrifice” is often referred to as someone losing their lives for a greater cause.
 
One has to seriously ask in the first place, why Apple stores notification messages even after the notifications have been read and even after the app was deleted. This is/was absolutely Apple's fault and I think even every app that uses notifications had this "problem". Signal is not to blame for this, this is Apple being negligent.
So much for privacy... 🤣
 
So I don’t display messages on the lock screen, but this sounds like it’s a Signal issue?

It’s not specifically a Signal issue, it’s an issue for any app that displays notifications that contain potentially sensitive information.

And why wasn’t the database encrypted?

I assume it is encrypted like any other data on iOS, but gets decrypted when you log in with a passcode. Presumably, to exploit this you still do need the passcode or another way to decrypt device data.
 
It's not really a Signal issue from what I understand. App notifications work by the app passing the text message to be displayed to iOS which handles the notification message. It can't pass it as encrypted as iOS wouldn't be able to decrypt it to display it. Apps can't serve their own native notifications.
This is at least mostly correct.

I'm saying mostly because I'm not sure what the last sentence means — if you mean apps can decode encrypted notifications so that iOS can display them, you've got the architecture correct.
 
Caching isn't the flaw... how the caching/logging was done was the flaw.

It's like handing out a photocopy of your banking info, which itself is securely stored in a safe. The photocopy is not.
Not really. The database/photocopy was still in the safe. It was simply an extra copy that wasn't deleted at the same time as the original, so it was still around when someone opened the safe.

In fact, Signal was aware of the storage of the extra copy and provided a setting to disable it.
 