News 3 min read

“Self-destructing” Signal messages are kept live on Mac version

5 minutes Not all messages sent through Signal are destructed Dissapearing signals messages stored on mac In the wake of data breach scandals, keeping your online privacy secure is one of the most important things nowadays. Here come multiple applications that are supposed to improve our online security. One of them is a data-encrypting application […]

Dissapearing signals messages stored on mac
0 Comments
5 minutes

Not all messages sent through Signal are destructed

Dissapearing signals messages stored on mac
Dissapearing signals messages stored on mac

In the wake of data breach scandals, keeping your online privacy secure is one of the most important things nowadays. Here come multiple applications that are supposed to improve our online security. One of them is a data-encrypting application called Signal.

Officially, Signal program is supposed to provide the end-to-end data encryption to all messages sent between users. One of the best features of this application is that it is capable of destroying messages after a certain amount of time and leaving no footprint of text, video, audio or other communication files. Naturally, security experts have been finding Signal trustworthy and useful app. 

However, the Mac version of the application might have a particular safety flaw that was recently discovered by security researchers. It appears that, by default settings, Signal's notifications on Mac appear as pop-ups and display contact’s name and the message content directly on the screen. Additionally, these messages are copied into the notifications bar and kept there, even if they are set to self-destruct on the app.

App's vulnerability is the opposite to its objective

This flaw was discovered by a security researcher Alec Muffett who warned other users on Twitter:

If you are using the @signalapp desktop app for Mac, check your notifications bar; messages get copied there and they seem to persist — even if they are “disappearing” messages which have been deleted/expunged from the app.

The security expert was worried that it is unknown if Mac is keeping this data somewhere else on the system and if hackers or other malicious actors could later recover it.

It soon became apparent that his worries were well-grounded, as Patrick Wardle, Mac security researcher and a chief research officer at Digital Security explained in his blog post that the compiled information is stored in an SQLite database and can be accessed by anybody with simple user permissions. Thus, all the notifications that are deleted on the Signal app are still kept inside Mac until it is wiped out.

According to Wardle, this aspect of the app behavior defeats the objective of Signal, as all the information can be retrieved by hackers, malware or anybody with the access to the targeted Mac.

Keep your private data safe by disabling Signal notifications

Overall, the news about such Signal’s behavior is not a serious threat to a regular user. After all, the security measures of anti-virus programs should be bypassed before the data can be accessed and harvested. However, users who are political or surveillance activists, agents or similar, should probably keep in mind that such scenario is possible and take extra precautions.

One way to prevent Mac from keeping the “disappearing” messages is to disable notifications in Signal is via app’s Settings. Simply go to Settings on the desktop version of the app, then find Notifications and tick the option “Neither name nor Message.” This will prevent messages being stored in the database; however, all the data already recorded should be eliminated manually.

Did this fix work for you?
Linas Kiguolis

Written by

Co-founder & Tech Lead
System architecture Performance optimization Browser troubleshooting Network issues Software conflicts

Linas Kiguolis is co-founder of uGetFix and the platform's technical lead. With over a decade of experience in Windows systems, web infrastructure, and browser performance, he shapes the technical direction of the site and personally validates complex multi-step fixes. Linas has a background in software engineering and applies that rigour to troubleshooting guides — ensuring every recommended step is tested, reproducible, and safe. His areas of focus include system performance degradation, browser-level failures, software conflicts, and network connectivity issues affecting Windows users.

0 Comments

Be the first to comment

Still worried? Run a free check.

Paste any URL or domain — we'll scan it against 4.2M known threats in 10 seconds.

View full scanner → Add to your website →