That terrible Signal exploit has been fixed. We have journalism to thank for it
"Apple’s fix means iPhones should no longer save copies of deleted messages from Signal or other apps, and Apple said the patch also purges already saved and related notifications."
You may remember the story about the bug in Apple’s on-device notifications database that allowed the FBI to retrieve the content of Signal messages. It’s good to see that it was treated as a genuine bug — and fixed.
Signal announced the change on Bluesky:
“We are very happy that today Apple issued a patch and a security advisory. This comes following 404 Media reporting that the FBI accessed Signal message notification content via iOS despite the app being deleted.”
That’s good, because as the linked post notes, this had been actively used in court:
“They were able to capture these chats bc [because] of the way she had notifications set up on her phone—anytime a notification pops up on the lock screen, Apple stores it in the internal memory of the device.”
There’s no doubt in my mind that the widespread coverage and outrage over the issue helped encourage Apple to fix it quickly. I’m grateful for the journalism and glad it was resolved.
