Apple stops weirdly storing data that let cops spy on Signal chats
Source: Ars Technica
“Once you install the patch, all inadvertently‑preserved notifications will be deleted and no forthcoming notifications will be preserved for deleted applications,” Signal said.
Ars could not immediately reach Apple or Signal for additional comments.
User panic remains
On Signal’s thread, users debated whether the update was sufficient. Some urged that best practice is still to disable message previews entirely to limit device access to sensitive chats. Previously, Signal president Meredith Whittaker posted on Bluesky to remind users that they can update Signal settings to “Show ‘No Name or Content’” in push notifications and avoid privacy concerns. Some users agreed that enabling message previews on any device—not just Apple’s—seemed unwise in light of 404 Media’s reporting.
“By having message previews in notifications, you’re giv[ing] the OS access to that content without being sure how it will handle those messages,” wrote Bluesky user LofiTurtle. “This patch removes one known method, but for full assurance you should just turn off previews so the OS never sees it in the first place.”
Speculation about other stored content
Bluesky user Alexndr speculated that Apple’s update suggested there may be other concerning content stored in ways that might affect other app users:
“The notification content surviving app deletion is the wild part. Glad it’s patched but makes you wonder what else is sitting in iOS notification caches.”
Apple’s defense
A Bluesky user Coyote defended Apple, noting that Apple’s blog clarified the issue as a logging problem rather than a caching one:
“Notification content wasn’t supposed to make it into diagnostic logs but sometimes did. Specifically happened when you get a notification the phone can’t handle, like when the app it is for has been deleted.”
For Apple users, questions likely remain since governments seem keen to access encrypted chats however they can. Apple made headlines last year for pulling end‑to‑end encryption in the United Kingdom to avoid complying with a law that made it easier for officials to spy on encrypted chats. 404 Media noted that globally, law enforcement has increasingly relied on “push notifications more broadly as an investigative strategy.” Last year, Apple caved to legal demands that “gave governments data on thousands of push notifications,” 404 Media reported.