There is a big flaw inside the macOS client for the famous end-to-end encrypted messaging app Signal. Signal fails to properly delete disappearing (self-destructing) messages from the recipient’s system, leaving the content of your sensitive messages at risk of being exposed.
We said it before, and we are saying it now: anything can be hacked and almost every app has flaws. Remember that it is essential for every user and company to add extra cybersecurity measures. Every user must use only the best cybersecurity solution, like an antivirus for Windows or an antivirus for Mac, depending on which OS their device is running. Also, every company must go an extra step to obtain the best cybersecurity measures; this can be done by hiring a cybersecurity firm that will attack the company’s network on purpose, with the aim of revealing its most destructive and dangerous flaws.
These deliberate attacks are carried out through specialized cybersecurity tests like penetration tests and ethical hacking tests.
For those unaware, the disappearing messages in Signal self-destruct after a particular duration set by the sender, leaving no trace of them on the receiver’s device or Signal servers.
However, it has been discovered that messages that are supposed to be destroyed can still be seen, even after they are deleted from the app.
This recovery is possible because macOS makes a copy of the destructing messages in a user-readable database of macOS’s Notification Center, from where they can be recovered anytime later.
So, if you have enabled notifications for the Signal app, the service will show you notifications for the destructing messages as well, in the form of truncated messages, generally 1-1.5 lines of the full message.
Be aware! Sharing incoming destructing messages with the notification system leads to two privacy issues:
1. Destructing messages may remain in the User Interface of macOS Notification Center even after being deleted within the Signal app and can be seen in the notification bar until manually closed by the user.
2. In the backend, the SQLite database of Notification Center also keeps a copy of truncated messages, which can be accessed with standard user permissions, or by a malicious app installed on the system.
We suggest that Signal either not give the notification service access to disappearing messages, or explicitly delete such notifications from the system’s database when it removes the messages from the app UI.
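The leak and the two fixes suggested above can be shown with a small model. This is an added example, not Signal's or Apple's code: the two tables, their columns and the 60-character preview length are hypothetical stand-ins for the app's message store and the Notification Center database.

```python
import sqlite3

# Constructed, simplified model: table and column names are hypothetical and are
# not the real schema of Signal or of the macOS Notification Center database.
SCHEMA = """
CREATE TABLE messages (id INTEGER PRIMARY KEY, body TEXT, expires_at REAL);
CREATE TABLE notifications (id INTEGER PRIMARY KEY, message_id INTEGER, preview TEXT);
"""
PREVIEW_CHARS = 60  # assumed stand-in for the 1-1.5 line truncation

def new_store():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def receive(db, body, now, ttl, notify=True):
    """Store a disappearing message; optionally copy a preview to the notification store."""
    cur = db.execute("INSERT INTO messages (body, expires_at) VALUES (?, ?)", (body, now + ttl))
    if notify:
        db.execute("INSERT INTO notifications (message_id, preview) VALUES (?, ?)",
                   (cur.lastrowid, body[:PREVIEW_CHARS]))
    return cur.lastrowid

def expire(db, now, purge_notifications):
    """Delete expired messages; with purge_notifications=False the previews stay behind."""
    expired = [r[0] for r in db.execute("SELECT id FROM messages WHERE expires_at <= ?", (now,))]
    for mid in expired:
        if purge_notifications:
            db.execute("DELETE FROM notifications WHERE message_id = ?", (mid,))
        db.execute("DELETE FROM messages WHERE id = ?", (mid,))
    return expired

def residual_previews(db):
    """Previews whose source message no longer exists, i.e. the leaked copies."""
    return [r[0] for r in db.execute(
        "SELECT n.preview FROM notifications n "
        "LEFT JOIN messages m ON m.id = n.message_id WHERE m.id IS NULL")]

def run(purge_notifications, notify=True):
    db = new_store()
    receive(db, "constructed sample: meet at 9, bring the documents", now=0, ttl=5, notify=notify)
    receive(db, "constructed sample: long-lived message", now=0, ttl=3600, notify=notify)
    expire(db, now=10, purge_notifications=purge_notifications)
    return residual_previews(db)

if __name__ == "__main__":
    print("expiry without purge:", run(False))
    print("expiry with purge:   ", run(True))
    print("no notifications:    ", run(False, notify=False))
```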
To fully protect the content of your sensitive messages so that no malicious app, hacker or even your girlfriend can recover them, you should disable the notification service for Signal until it fixes this issue.
Also, because we want you to stay safe and secure against vulnerabilities like this one, we recommend installing a robust cybersecurity solution on your devices, like an antivirus for Windows or an antivirus for Mac, depending on which OS your machines are running. We also suggest that every company hire a specialized cybersecurity firm that will perform various tests, like a penetration test and various ethical hacking tests, on the company’s network to reveal whether any network flaws are present.
For companies that exist 100% online, we recommend using cyber-secured web hosting services.