Apple fixes bug that cops used to extract deleted chat messages from iPhones - TechCrunch

Apple released a software update on Wednesday for iPhones and iPads fixing a bug that allowed law enforcement to extract messages that had been deleted or disappeared automatically from messaging apps. This was because notifications that displayed the messages’ content were also cached on the device for up to a month.

In a security notice on its website, Apple said that the bug meant “notifications marked for deletion could be unexpectedly retained on the device.”

This is a clear reference to an issue revealed by 404 Media earlier this month. The independent news outlet reported that the FBI had been able to extract deleted Signal messages from someone’s iPhone using forensic tools, due to the fact that the content of the messages had been displayed in a notification and then stored inside a phone’s database — even after the messages were deleted inside Signal.

After the news, Signal president Meredith Whittaker said the messaging app maker asked Apple to address the issue. “Notifications for deleted messages shouldn’t remain in any OS notification database,” Whittaker wrote in a post on Bluesky.

Do you have more information about how authorities are using forensic tools on iPhones or Android devices? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email.

It’s unclear why the notifications’ content was logged to begin with, but today’s fix suggests it was a bug.

Apple did not immediately respond to a request for comment asking why the notifications were being retained. The company also backported the fix to iPhone and iPad owners running the older iOS 18 software.

Privacy activists expressed alarm when they learned that the FBI had found a way around a security feature that is used daily by at-risk users. Signal, like other messaging apps such as WhatsApp, allows users to set up a timer that instructs the app to automatically delete messages after a set amount of time. This feature can be helpful for anyone who wants to keep their conversations secret in the event that authorities seize their devices.

Meet your next investor or portfolio startup at Disrupt

When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.

Senior Reporter, Cybersecurity

Lorenzo Franceschi-Bicchierai is a Senior Writer at TechCrunch, where he covers hacking, cybersecurity, surveillance, and privacy.

You can contact or verify outreach from Lorenzo by emailing lorenzo@techcrunch.com, via encrypted message at +1 917 257 1382 on Signal, and @lorenzofb on Keybase/Telegram.

StrictlyVC kicks off the year in SF. Get in the room for unfiltered fireside chats with industry leaders, insider VC insights, and high-value connections that actually move the needle. Tickets are limited.

Duolingo is now giving users access to advanced learning content

- Lauren Forristal

Unauthorized group has gained access to Anthropic’s exclusive cyber tool Mythos, report claims

- Lucas Ropek

Tim Cook stepping down as Apple CEO, John Ternus taking over

- Amanda Silberling

- Connie Loizos

Blue Origin’s New Glenn put a customer satellite in the wrong orbit during its third launch

- Sean O'Kane

Palantir posts mini-manifesto denouncing inclusivity and ‘regressive’ cultures

- Anthony Ha

‘Tokenmaxxing’ is making developers less productive than they think

- Tim Fernholz

Anthropic launches Claude Design, a new product for creating quick visuals

- Aisha Malik