
Posted by 01-_- 10 hours ago

FBI used iPhone notification data to retrieve deleted Signal messages (9to5mac.com)
508 points | 259 comments | page 2
donohoe 6 hours ago|
Was this not a known issue (in terms of trade-offs) for years? I recall discussion back in 2018 at least that made mention of this concern.

https://github.com/RealityNet/iOS-Forensics-References

https://theforensicscooter.com/2021/10/03/ios-knowledgec-db-...

halapro 6 hours ago||
While it's definitely surprising that the OS caches this data after the notifications have been swiped away, I always thought that notifications are an obvious hole in the whole E2E encryption setup.
Thorrez 6 hours ago|
AIUI, Signal push notifications just say a message was received. Signal then fetches the E2E encrypted message from the server and decrypts it locally. So Apple/Google cannot read the messages, nor can Signal servers.
leesalminen 6 hours ago||
AIUI, Signal decrypts the E2EE message locally, but then sends the decrypted message to iOS in order to display the notification to the user. iOS then stores this data and it persists after the user dismisses the notification.

This makes sense and there's really no way around it without a change from Apple. If iOS is going to show the user a Signal notification with the decrypted message in the notification body, then iOS must be given the decrypted message. iOS could (and probably should) delete that data off the device as soon as the user dismisses/engages with the notification. But it sounds like they do not.

ttkari 3 hours ago||
This is the same issue that got a local drug organization busted some time ago - their entire α-PVP cooking operation was busted after one of the gang members was caught during a sale, his iPhone was confiscated and the entire org was right there in the notification history.

I guess that's what you deserve if you trust Apple with your operational security.

chinathrow 9 hours ago||
On Android, when I use WhatsApp and have notifications for groups turned off, I can still see that they arrive briefly and then get removed (the icon top left vanishes). I wonder often, if this is a way to push all group message content into an unencrypted data trace as well - for the same use case.
arkon_hn 9 hours ago||
If the notification has the data, then yes. It's trivial to create an app that listens to notifications; Samsung even has one themselves called NotiStar that replicates the notification history feature that Android normally has.
pipe01 5 hours ago||
I've never seen this happen, maybe you're seeing the "Fetching messages" notification that sometimes pops up for a second?
etiam 10 hours ago||
Also discussed yesterday, in https://news.ycombinator.com/item?id=47703573
SwtCyber 5 hours ago||
This is one of those cases where the "secure app" narrative collides with how messy real systems actually are
kouru225 3 hours ago||
I don’t know why anyone trusts Signal. People keep talking about them. I thought it was clear years ago that they were a sketchy company
frizlab 10 hours ago||
Aren’t notifications supposed to be encrypted for Signal?
shantara 10 hours ago||
iOS stores the previously displayed notifications in an internal database, which was used to access the data. It’s outside of Signal’s control, they recommend disabling showing notification content in their settings to prevent this attack vector
exitb 8 hours ago||
They do control the content on the notification. It's a bit odd to put the sensitive text in the notification only to recommend disabling it at the system level.
kccqzy 7 hours ago|||
No. They recommended disabling it at the app level. Only the Signal app can control whether the message contents are included in the notifications.
frizlab 8 hours ago|||
They do not. They send encrypted notifications. It’s the OS that stores them unencrypted. It’s the OS at fault here IMHO.
throawayonthe 7 hours ago||
i think they're replying to the "recommendation" part -- if it was recommended, why isn't it the safe default?

i haven't actually seen signal or anyone adjacent recommend that previously though, idk where that claim came from

shantara 5 hours ago||
Sorry, the “recommended” was bad wording on my part. The recommendation comes from the 404 Media article that did the exposé on this incident, not Signal itself.

I’ve checked the Signal documentation page, and there’s no mention of the privacy implications of the setting: https://support.signal.org/hc/en-us/articles/360043273491-In...

makosdv 10 hours ago|||
You can choose what to show in the notification and there is an option to include the message, so I'm guessing that allowed some unencrypted incoming messages to be read.
frizlab 9 hours ago|||
Sibling comment explains. The notification does arrive encrypted and is decrypted by an app extension (by Signal), however, if the message preview is shown, it is stored unencrypted by iOS. It is that storage that is accessed.
butvacuum 9 hours ago|||
It seems iOS will drop previews into an unencrypted section, which is how I expected iOS notification previews to work without unlocking the phone.
krisknez 9 hours ago|||
This kind of vulnerability is not tied to Signal but to all apps which send notifications.
throawayonthe 7 hours ago|||
They are;

“Messages were recovered from Sharp’s phone through Apple’s internal notification storage—Signal had been removed, but incoming notifications were preserved in internal memory. Only incoming messages were captured (no outgoing).”

ie the messages recovered were 1. incoming 2. stored by the OS after decryption

i also was spooked by the headline :p

dewey 10 hours ago||
[dead]
echelon_musk 8 hours ago||
As an aside, I decrypted an encrypted iPhone backup using a tool from GitHub because I wanted easy access to my Voice Memo recordings.

Photos I had long deleted were still in the backup! It's quite surprising just how much is being stored by the phone.

boysenberry 8 hours ago|
What did you use?
echelon_musk 5 hours ago||
https://github.com/PeterUpfold/dump-iphone-backup
shalmanese 9 hours ago|
I thought Signal didn’t show message previews by default and you had to go in and enable it? I’ve never had message previews in my Signal and I don’t remember changing anything. Maybe when they introduced the feature, you could pick but they strongly suggested it not showing?
foooorsyth 8 hours ago|
The opposite, actually. Signal endlessly nags you to turn on notifications, and when you turn them on, previews and content are shown by default. You cannot opt out of the nags.
commandersaki 7 hours ago||
According to my setting screen the Show Previews setting is "When Unlocked (Default)".

Screenshot of notification settings page: https://files.catbox.moe/3gwjoy.png
