Contact UsWDN News & more...

Self-destructing messages received on ‘Signal for Mac’ can be recovered later


It seems that macOS client for the in kind cease-to-cease encrypted messaging app Signal fails to effectively delete disappearing (self-destructing) messages  from the recipient’s arrangement, leaving the content of your sensitive messages at possibility of getting uncovered.

For those unaware, the disappearing messages in Signal self-destruct after a relate length plan by the sender, leaving no label of it on the receiver’s gadget or Signal servers.

On the different hand, security researcher Alec Muffett observed that the messages which would be imagined to be “disappearing” can gentle be considered—even within the event that they’re deleted from the app.

But any other security researcher Patrick Wardle reproduced the reveal and explained that macOS makes a duplicate (partial for lengthy messages) of disappearing messages in a user-readable database of macOS’s Notification Center, from the place apart they would per chance well be recovered anytime later.

Can have to you must should always preserve an to your incoming messages with out having to establish your inbox obsessively, macOS desktop notifications (banners and indicators) that seem within the upper-factual corner of your cover is a tall formula to warn you of stuff you assemble no longer should always miss.


In response to a blog post printed by Wardle, while you occur to have got enabled notifications for Signal app, the provider will demonstrate you notifications for the disappearing messages as neatly within the arrangement of truncated messages (which is continuously 1-1.5 traces of the total message).

Now, sharing incoming disappearing messages with the notification arrangement ends in two privateness disorders:

  1. “Disappearing” messages can also simply reside within the User Interface of macOS Notification Center even after being deleted for the length of the Signal app and would possibly perchance per chance be considered within the notification bar except manually closed by the user.
  2. Within the backend, the SQLite database of Notification Center also keeps a duplicate of truncated messages, which is ready to be accessed with out a longer new user permissions, or by a malicious app installed on the arrangement.

Wardle suggests both Signal must no longer present notifications provider for disappearing messages or must explicitly delete such notifications from the arrangement’s database when it removes the messages from the app UI.

Meanwhile, to provide protection to the content of your sensitive messages so that no malicious app, hacker or your significant other can accumulate better them, you must assume about disabling notifications provider except Signal patches this trouble.