Apple Closes iOS Data Recovery Hole That Exposed Signal Messages

The iOS flaw allowed forensic extraction of supposedly deleted conversations from Signal and other encrypted apps, undermining user privacy controls.

CSBadmin

The Vulnerability

A flaw in Apple’s iOS allowed forensic tools, including those used by law enforcement agencies such as the FBI, to recover deleted messages from encrypted apps such as Signal. The issue stemmed from how the operating system managed file metadata and database entries even after users believed they had permanently removed conversations. Rather than truly erasing the underlying data, iOS left traces in storage that specialized software could reassemble.

This weakness meant that a person’s private communications remained accessible on the device long after deletion, undermining the confidentiality promised by end-to-end encryption. The vulnerability did not break Signal’s encryption itself, but it bypassed the deletion feature that users rely on for privacy.

Impact and Apple’s Response

Apple addressed the problem in a recent iOS update. The company did not assign a specific CVE identifier for this particular issue, but it was resolved through general improvements to secure deletion routines. The fix ensures that when a user deletes data from an app, the operating system now securely wipes the corresponding files instead of leaving recoverable remnants.

The practical effect is significant for journalists, activists, and anyone who depends on disappearing messages for safety. Before the patch, a seized device could reveal conversations thought to be gone. With the update, Signal and similar apps can better honor the promise that deleted messages stay deleted.

Source: The Hacker News
