this post was submitted on 07 Apr 2026

245 points (98.4% liked)

Technology

83564 readers

2926 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

L3s@lemmy.world

enu@lemmy.world

technopagan@lemmy.world

L4s@lemmy.world

L3s@hackingne.ws

245

Signal messages retrieved from iOS notification, as seen in Prairieland federal trial (media.fedia.io)

submitted 23 hours ago by frocalannifo@fedia.io to c/technology@lemmy.world

76 comments fedilink hide all child comments

TLDR: signal content in Apple notification can be retrieved even after signal app deletion.

I saw from this reddit thread: Signal messages retrieved from iPhone after uninstalling app. : signal

Referencing this news article: Pretti Killing May Affect ICE Prairieland "Antifa Cell" Terrorism Trial

The mention of signal is in court documents here: March 10: Federal Trial Day 12 - Support the Prairieland Defendants

Signal chat evidence from Sharp’s device (Exhibit 158):
Messages were recovered from Sharp’s phone through Apple’s internal notification storage — Signal had been removed, but incoming notifications were preserved in internal memory. Only incoming messages were captured (no outgoing).

top 50 comments

sorted by: hot top controversial new old

[–] DarkFuture@lemmy.world 2 points 45 minutes ago

Another reason not to own Apple products.

Don't think I've ever seen a company with shittier products better at tricking the gullible into buying them.

Anything you can do on a Mac/iPhone you can do on a PC/Android for half the price. Windows is a much more compatible and intuitive OS. And so is Android.

Source: I've worked in IT for over 20 years. I've worked with a ton of other techs. They all hated Apple. I actually just got done working on a Mac that our media department brought me because they were also tricked by advertising into thinking you need a Mac to do media stuff. It was a nightmare and my hatred for Apple has only increased.

P.S. Please don't bother telling me how Linux is superior to Windows. I know Lemmy likes Linux. I don't care. It's not as compatible as Windows and not suitable for a work environment. I have my problems with Microsoft. This comment is about hating Apple more.

[–] anon_8675309@lemmy.world 26 points 7 hours ago (2 children)

That’s my biggest issue with notifications. Notifications should just notify you that something happened and you need to open the app to find out. Carrying actual data ON the notification is a no-no.

But what do I know, I’m an old developer not one of these modern vibe kiddies.

[–] NotMyOldRedditName@lemmy.world 2 points 1 hour ago* (last edited 1 hour ago)

The actual notification telling you there is a message shouldn't contain the content if its sensitive, it should only carry an ID to said message, and im certain this is what signal does. Thats like the most utter basic thing about notifications.

Once that notification arrives, the system decides what to show you after fetching the message from the ID in the background. You can opt to keep that private or show it.

In this case if you opt to show it, it leaks.

[–] baggachipz@sh.itjust.works 4 points 7 hours ago (1 children)

A notification doesn’t have to carry any data in its payload; Signal devs could take care of that.

[–] rezifon@lemmy.world 17 points 6 hours ago (1 children)

Signal has supported this for many years. Users can choose full content notifications, name only, or no-content notifications.

[–] baggachipz@sh.itjust.works 1 points 5 hours ago (2 children)

I believe what’s in the payload is not the same as what the user chooses to see. That is, it’s sent no matter what but the user can set what’s visible on the lock screen. I could be wrong though.

[–] eco_game@discuss.tchncs.de 10 points 4 hours ago

That's a separate OS setting. Signal itself has its own setting for which content is actually sent in the notification.

[–] rezifon@lemmy.world -3 points 3 hours ago* (last edited 3 hours ago) (1 children)

Why do you so confidently assert things which you do not know but merely believe without checking?

[–] baggachipz@sh.itjust.works 2 points 3 hours ago (2 children)

Did I not qualify it by saying I could be wrong? What is so confident about that? Jesus Christ, nobody asked you.

[–] NikkiDimes@lemmy.world 1 points 1 hour ago* (last edited 1 hour ago)

You even double qualified it, prefacing with "I believe"

What an ass

[–] rezifon@lemmy.world 1 points 1 hour ago

“Signal devs could take care of that”

They did like eight years ago.

[–] TheFrirish@tarte.nuage-libre.fr 8 points 11 hours ago (1 children)

Honestly I have a much much much MUCH MUCH bigger issue with the fact that it is an American and Centralised service.

FBI still can't access it though.

[–] stringere@sh.itjust.works 3 points 4 hours ago* (last edited 4 hours ago) (2 children)

Is there a good decen e2e messenger not in the US? Would love an alternative.

[–] badgermurphy@lemmy.world 2 points 1 hour ago* (last edited 1 hour ago)

Good? No.

I think it is telling about Signal, though, that despite being in a privacy-unfriendly jurisdiction, federal authorities can only extract data from it when its users mess up.

I don't think you'll get much better until some of these other services mature more. Some of them seem painted into a corner where improving them further seems to involve rewriting big sections of them, like Matrix, so I am less optimistic about those.

[–] forestbeasts@pawb.social 2 points 1 hour ago

There's Matrix which is selfhostable but "good" is pushing it and the cryptography is a bit iffy (probably more incompetence than malice). Though selfhosting it means you don't need the end to end encryption quite as much... until the court gets involved of course.

-- Frost

[–] ZoteTheMighty@lemmy.zip 49 points 17 hours ago (3 children)

But Apple told me in an ad that they're better for privacy?!?

load more comments (3 replies)

[–] SnoringEarthworm@sh.itjust.works 92 points 21 hours ago* (last edited 21 hours ago) (5 children)

Basically, they didn't do this:

(I'm on Android, so I don't know what the options look like in iOS, but they should be identical.)

[–] Crackhappy@lemmy.world 5 points 7 hours ago

Thank you internet stranger. I'm going to do this but fuck me if I can get my family to change their settings. They don't even know they can create a poll.

Don't ask me. I made all of you admins do I don't have to answer questions like how do I make a poll. Click the + button. Yeah. The one on your fucking screen right now.

No grandpa. We are not trying to figure out who is trans. No popop none of are naxies (I hope)

Anyway, click the +. Right there. That is how you create a poll.

[–] napkin2020@sh.itjust.works 5 points 8 hours ago* (last edited 8 hours ago) (1 children)

They shouldn't have have to do this though.

[–] Quill7513@slrpnk.net 6 points 7 hours ago

there's a lot of things under fascism that shouldn't be needed

[–] Kupi@sh.itjust.works 8 points 14 hours ago* (last edited 14 hours ago)

They are similar

[–] RIotingPacifist@lemmy.world 38 points 20 hours ago (2 children)

It would be nice if Signal let you do this per conversation.

It's sort of a victim of its own success, I use it for both things that do and don't require opsec

[–] rezifon@lemmy.world 3 points 3 hours ago

I imagine that the signal devs viewed it as a similar concern as when you mistype your password the error message doesn’t give you any way to know if the password is wrong or if the account doesn’t exist.

If only some of your notifications are sanitized then those are the suspicious ones. If all of your notifications are sanitized then none of them are suspicious. Or, at least, they’re all equally suspicious, opaque, and unidentifiable.

[–] Quill7513@slrpnk.net 6 points 6 hours ago (1 children)

and on some level it's important for good opsec that things that don't require opsec be done with good opsec

[–] RIotingPacifist@lemmy.world 1 points 4 minutes ago

That doesn't work in reality, as evidenced here, it's far more likely people compromise their security for convenience than the other way around.

Also sometimes opsec requires in get messages from certain chats quickly. Knowing where ICE are in a timely manner is important.

[–] Bazoogle@lemmy.world 17 points 19 hours ago (14 children)

You also don't need to do this on Android unless you are concerned about random people seeing the messages on your screen. Signal on Android does not use Google's push notification service

[–] Quill7513@slrpnk.net 5 points 6 hours ago

as far as i know signal uses Google's notification service and if you want it to not you need to use Molly

[–] 0_o7@lemmy.dbzer0.com 5 points 7 hours ago

Signal on Android does not use Google's push notification service

Source? I'm pretty sure it falls back to a different mechanism when it doesn't find google services. And that is only on the version downloaded from their website.

https://github.com/signalapp/Signal-Android/issues/13290

[–] Quexotic@infosec.pub 6 points 8 hours ago

You most certainly do. I looked in my notification history in my founding of signal messages.

Then I turned off my notification history.

load more comments (11 replies)

[–] scytale@piefed.zip 50 points 22 hours ago* (last edited 21 hours ago) (5 children)

I learned about this a couple of months ago and I've since disabled previews in notifications. It's unfortunately the nature of how notifications are delivered to you. You should be fine by disabling message previews in your notification settings.

[–] in_my_honest_opinion@piefed.social 34 points 22 hours ago (4 children)

Yup,

https://www.privacyguides.org/articles/2022/07/07/signal-configuration-and-hardening/

Among other things

load more comments (4 replies)

[–] HumbleExaggeration@feddit.org 35 points 21 hours ago* (last edited 14 hours ago) (1 children)

So you are telling me an app is encrypting the shit out of every message so it can secretly delivered to another person. An then the persons phone decrypts the message and broadcasts it to an apple server, so it can get send back and make the phone go 'ding'?

Shouldnt the notification be handled inside signal somehow, so this is the only app with the decrypted message?

What is next, everything from my ram needs to go through google servers to be transmitted to my display?

[–] RunningInRVA@lemmy.world 52 points 21 hours ago

The Signal server would send a backend notification to the client app via the Apple Push Notification Service. The app is then able to wake up, at which point it fetches new messages (securely) from the Signal servers. The app then generates a local notification with a preview of the received message. iOS is then logging those messages.

load more comments