iOS Notification History Exposes E2EE: How Signal Data Was Recovered in Federal Court
Persistent, unencrypted 'Notification History' on devices like iOS was the key vulnerability; in the Prairieland federal trial, Signal messages were recovered directly from this local, unencrypted history.
The dispute centers on where the data leak happens. Some point to Apple/iOS storing message content in a permanent, accessible local database, citing evidence from the trial. Others argue the fault lies in the notification mechanism itself, claiming content is never actually sent to the server, making disabling previews sufficient. 'cecilkorik' hits hard, calling E2EE a 'false-sense-of-security' because it ignores hardware seizure vectors entirely.
The consensus points squarely at the local device storage. The most significant failures are the retention of this data and its lack of encryption, making system-level access the primary threat vector, overshadowing network encryption concerns.
Key Points
Notification History is the core failure point due to unencrypted local storage.
The community widely agrees the non-encrypted 'Notification History' on iOS is the primary flaw, as evidenced by the Prairieland trial.
Disabling message content previews in OS settings is necessary.
Multiple users, including 'scytale', identify disabling OS notification previews as a direct, required mitigation step.
Relying solely on E2EE provides a false sense of security.
'cecilkorik' argued E2EE ignores physical device compromise (rootkits, physical seizure) entirely.
The feature storing history needs to auto-purge instantly.
'NotMyOldRedditName' stated the perpetual history database is fundamentally poorly conceived and should vanish immediately after viewing.
Push notifications inherently leak metadata to system servers.
'bearboiblake' argued that push notifications themselves expose data to Apple/Google regardless of message encryption.
Source Discussions (3)
This report was synthesized from the following Lemmy discussions, ranked by community score.