iPhone Notifications Expose Signal

The FBI recovered Signal message content from an iPhone not by breaking encryption but by extracting message fragments stored in Apple’s notification logs when previews were enabled. The episode highlights a practical security gap: encrypted apps can be undermined by operating‑system features that leave readable copies outside the app itself. (techradar.com)

Signal is built so the message is scrambled in transit and only turned back into readable text on the sender’s phone and the recipient’s phone. In this case, the readable copy the Federal Bureau of Investigation found was not inside Signal’s encrypted vault at all; it was sitting in Apple’s own notification system after message previews had been shown on the iPhone. (support.signal.org) (forbes.com)

Think of it like locking a letter in a safe and then taping a few lines from that letter to the outside of the safe so you can read it faster later. The encryption can still be intact while the operating system quietly keeps a second, easier-to-read copy in a different place. (forbes.com) (techspot.com)

The specific weak spot was the notification preview, which is the short snippet an iPhone can show on the Lock Screen or in Notification Center before you open an app. Apple says iPhone owners can set previews to “Always,” “When Unlocked,” or “Never,” and those previews can include message text. (support.apple.com)

That setting exists for convenience, because a preview lets you read part of a text without opening Signal, Messages, or Mail. It also means the phone’s operating system has to handle the text outside the app for at least a moment, and forensic tools can sometimes recover those leftovers later. (support.apple.com) (9to5mac.com)

According to reports on testimony in a federal case in Texas, investigators pulled incoming Signal message fragments from an iPhone even after the Signal app had been deleted. The reports say the messages came from Apple’s notification database, not from any break in Signal’s end-to-end encryption. (techspot.com) (forbes.com)

The detail that matters is “incoming.” A notification is generated when a new message arrives, so that system is much better at preserving what someone received than what they typed and sent back out. (techspot.com) (forbes.com)

This is not a Signal-only problem. Any messaging app that lets iPhone notifications display real message content can end up leaking part of that content into operating-system logs, caches, or previews that live outside the app itself. (9to5mac.com) (techspot.com)

Apple’s own settings page shows the fix is simple but easy to miss: go to Settings, then Notifications, then Show Previews, and switch from “Always” to “When Unlocked” or “Never.” Apple also lets you override the preview setting for individual apps, so someone could leave calendar alerts visible while hiding Signal text. (support.apple.com)

Signal has long told users to manage notification behavior through the phone’s operating-system settings, because the operating system decides what appears on the Lock Screen. That means privacy on an encrypted app is partly controlled by a separate company’s settings menu, which is an awkward truth a lot of people never think about. (support.signal.org) (support.apple.com)

The lesson is not that Signal failed at encryption. The lesson is that a secure app can still spill readable clues if the phone around it is configured to trade privacy for convenience, one Lock Screen preview at a time. (forbes.com) (techspot.com)
