69 comments

[ 4.5 ms ] story [ 82.6 ms ] thread
Aren’t notifications supposed to be encrypted for Signal?
First, a critical setting for Signal users:

"Signal’s settings include an option that prevents the actual message content from being previewed in notifications. However, it appears the defendant did not have that setting enabled, which, in turn, seemingly allowed the system to store the content in the database."

Second, how can I see this notification history?

You don't, at least not without forensics tools
There needs to be a bit more "group chat" control in Signal messages, wherein you could enforce certain settings for certain chats regardless of the phone settings. You could have group chats that would enforce not showing more information in the notifications, while others would still allow it.
Reminder that no end-to-end encryption arrangement can do anything before encryption, or after decryption, at the endpoints.
Settings > Notifications > Notification Content > Show: "Name Only" or "No Name or Content"

I've had this enabled to prevent sensitive messages from appearing in full whilst showing someone something on my phone, but I guess this is an added benefit as well.

Originally enabled it just to avoid awkward moments
I allway say it: it is the defaults, stupid (paraphrasign).

The Defaults have to be the most sensitive ones.

If you are a supposed super secure app, this should be the default.

signal is security theater, and a very bad user experience
On Android, when I use WhatsApp and have notifications for groups turned off, I can still see that they arrive briefly and then get removed (the icon top left vanishes). I wonder often, if this is a way to push all group message content into an unencrypted data trace as well - for the same use case.
I've never seen this happen, maybe you're seeing the "Fetching messages" notification that sometimes pops up for a second?
No, it's exactly when new messages for muted groups arrive. Confirmed via WhatsApp Web.
People who NEED to hide their notifications from iOS have this already disabled.

They rest who "evaluate their threat models" can practice Spy-life-gymnastics by disabling it from Signal.

I thought Signal didn’t show message previews by default and you had to go in and enable it? I’ve never had message previews in my Signal and I don’t remember changing anything. Maybe when they introduced the feature, you could pick but they strongly suggested it not showing?
I wonder why Apple doesn't 'just' delete the notification data associated with the app from the internal database when the user deletes the app? It seems like asking for problems to just keep old notification content around forever.
I think that's how the Android notification history works. If I uninstall an app, the entries in the history aren't shown anymore. You also have to opt in to notification history and toggling it off and back on clears the old entries. There's also a time window that it keeps entries for: https://source.android.com/docs/core/display/notification-hi...
> testimony in a recent trial

Court cases are the real way to audit security.

Larping about security and complaining about companies responding to court orders only gets you so far. Its way more useful to look at what actually happens in reality.

True, court cases are one of the few times details actually surface
Probably stupid question: why won't they e2e-encrypt push notifications too? The vector is obvious and has been open since forever.
As an aside, I decrypted an encrypted iPhone backup using a tool from GitHub because I wanted easy access to my Voice Memo recordings.

Photos I had long deleted were still in the backup! It's quite surprising just how much is being stored by the phone.

Um. Android has notification history also and I see no similar ability to hide notification content from the system ...
In the Signal app itself there's an option to hide the message body or both the sender and body, that way the OS wont have anything to store in the history.
How do we know the message contents aren't still sent to google? Has someone verified this anywhere publicly?
So this is where we find out the one end of e2e is the phone and not the app.

Semi-related, in whatsapp reading the text in the notification doesn't mark the message as read, so the OS is kinda mitm here.

"However, it appears the defendant did not have that setting enabled, which, in turn, seemingly allowed the system to store the content in the database."

"[A]llowing the system to store the content in the database" where a third party, such as Apple or a government, can access it is the default

Only a small minority of users know about settings and how to change them. The vast majority of users do not change default settings. Apple knows this

Imagine a parallel universe where stories about use of personal computers were written from a different perspective. For example,

"However, it appears Apple's system uses a default setting which, in turn, seemingly allowed it to store the defandant's content in Apple's database"

instead of

"However, it appears the defendant did not have that setting enabled which, in turn, seemingly allowed the system to stoire the content in the database"

In the later version, the defendant, namely his inaction in not changing a default setting, appears solely responsible for the outcome. And the actor that placed a copy of his incoming messages in a database that the actor created is referred to as "the system", not the corporation that wrote the system and sold the computer with this system pre-instaalled

People also got charges in the same case for removing people from a Signal chat
[flagged]
... and I thought I'm turning off notifications for all apps just so I don't get spammed. Looks like the setting is more useful than that.
Just curious, how come at least once a month signal bugs me to turn on notifications? I said no for a reason, every single time - why does it keep asking?

Not implying anything evil but it feels a bit weird esp after this.

Pretty sure that's just iOS behavior + app design. If notifications are off, apps will occasionally prompt again to make sure you didn't disable them by accident or miss something
Kind of a wake-up call that even "deleted" messages aren't really gone if the OS is caching notification previews — makes you rethink what end-to-end encryption actually protects you from.