X

Signal's disappearing messages discovered lingering on Macs

Messages sent on the popular chat app are supposed to disappear, but default app settings may void that.

Steven Musil Night Editor / News
Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.
Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.
Steven Musil
2 min read
Democratic Part to use Encryption App

Signal promises disappearing messages.

Jaap Arriens/NurPhoto via Getty Images

One reason for Signal app's popularity is its ability to send messages that are deleted from the app after a preset time period, but that may not always be the case, a security researcher warns.

The Mac version of the app displays recently received messages in the macOS Notification Center, but because of the way Macs handle notifications, the messages linger on the recipient's notifications bar even if the message is set to self-destruct using Signal's timer, Motherboard reported Wednesday.  The notifications display the sender's name and the message's content.

This is due to the default Mac app settings, according to security researcher Alec Muffett, who recently discovered the issue. Muffett tweeted out a warning to Mac users of the app on Tuesday, suggesting they adjust their notifications.

Mac security researcher Patrick Wardle discovered the "deleted" messages are stored on disk inside the Mac operating system, allowing them to be retrieved later, even after being deleted from the Signal app.

"Anything that gets displayed as a notification (yes, including 'disappearing' Signal messages) in the macOS Notification Center, is recorded by the OS," Wardle wrote in a blog post. "If the application wants the item to be removed from the Notification Center, it must ensure that the alert is dismissed by the user or programmatically!"

But, as Motherboard points out, "this is not a major threat for most people" because malicious third parties would still need to get their hands on your Mac to get into your message history.

The service, favored by antisurveillance activists like Edward Snowden, uses end-to-end encryption, meaning all messages that pass through its systems are scrambled up and only the sender and recipient can read them. Encryption gained a lot of scrutiny two years ago during Apple's public battle with the FBI over a request to help unlock an encrypted iPhone used in a terrorist attack.

Signal and Apple didn't immediately respond to requests for comment.

iHate: CNET looks at how intolerance is taking over the internet.

Life, Disrupted: In Europe, millions of refugees are still searching for a safe place to settle. Tech should be part of the solution. But is it?