“Self-destructing” Signal messages are kept live on Mac version

by Olivia Morelli - -

Not all messages sent through Signal are destructed

Disappearing Signal's messages are stored on Mac

In the wake of data breach scandals,[1] keeping your online privacy secure is one of the most important things nowadays. Here come multiple applications that are supposed to improve our online security. One of them is a data-encrypting application called Signal.

Officially, Signal program is supposed to provide the end-to-end data encryption[2] to all messages sent between users. One of the best features of this application is that it is capable of destroying messages after a certain amount of time and leaving no footprint of text, video, audio or other communication files. Naturally, security experts have been finding Signal trustworthy and useful app.[3] 

However, the Mac version of the application might have a particular safety flaw that was recently discovered by security researchers. It appears that, by default settings, Signal's notifications on Mac appear as pop-ups and display contact’s name and the message content directly on the screen. Additionally, these messages are copied into the notifications bar and kept there, even if they are set to self-destruct on the app.

App's vulnerability is the opposite to its objective

This flaw was discovered by a security researcher Alec Muffett who warned other users on Twitter:[4]

If you are using the @signalapp desktop app for Mac, check your notifications bar; messages get copied there and they seem to persist — even if they are “disappearing” messages which have been deleted/expunged from the app.

The security expert was worried that it is unknown if Mac is keeping this data somewhere else on the system and if hackers or other malicious actors could later recover it.

It soon became apparent that his worries were well-grounded, as Patrick Wardle, Mac security researcher and a chief research officer at Digital Security explained in his blog post[5] that the compiled information is stored in an SQLite database and can be accessed by anybody with simple user permissions. Thus, all the notifications that are deleted on the Signal app are still kept inside Mac until it is wiped out.

According to Wardle, this aspect of the app behavior defeats the objective of Signal, as all the information can be retrieved by hackers, malware or anybody with the access to the targeted Mac.

Keep your private data safe by disabling Signal notifications

Overall, the news about such Signal’s behavior is not a serious threat to a regular user. After all, the security measures of anti-virus programs should be bypassed before the data can be accessed and harvested. However, users who are political or surveillance activists, agents or similar, should probably keep in mind that such scenario is possible and take extra precautions.

One way to prevent Mac from keeping the “disappearing” messages is to disable notifications in Signal is via app’s Settings. Simply go to Settings on the desktop version of the app, then find Notifications and tick the option “Neither name nor Message.” This will prevent messages being stored in the database; however, all the data already recorded should be eliminated manually.

Prevent websites, ISP, and other parties from tracking you

Private Internet Access is a VPN that can prevent your Internet Service Provider, the government, and third-parties from tracking your online and allow you to stay completely anonymous. The software provides dedicated servers for torrenting and streaming, ensuring optimal performance and not slowing you down. You can also bypass geo-restrictions and view such services as Netflix, BBC, Disney+, and other popular streaming services without limitations, regardless of where you are.

A VPN is also crucial when it comes to user privacy. Online trackers such as cookies can not only be used by social media platforms and other websites but also your Internet Service Provider and the government. Even if you apply the most secure settings via your web browser, you can still be tracked via apps that you are connected to the internet. Besides, privacy-focused browsers like Tor is are not an optimal choice due to diminished connection speed.

Therefore, to stay completely anonymous and prevent the ISP and the government from spying on you, you should employ Private Internet Access VPN. It will allow you to connect to the internet while being completely anonymous, prevent trackers, ads, as well as malicious content. Most importantly, you will prevent the illegal surveillance activities that NSA and other governmental institutions are performing behind your back.

 

Recover your lost files quickly

Unforeseen circumstances can happen at any time while using the computer: it can turn off due to a power cut, a Blue Screen of Death (BSoD) can occur, or random Windows updates can decide to reboot the machine when you went away for a few minutes. As a result, your schoolwork, important documents, and other data might be lost.

Additionally, you might also be attacked by malware that can corrupt your Windows or encrypt files with a robust encryption algorithm, and ask for a ransom in Bitcoin for the decryption tool. Cybercriminals might not deliver what they promised, however, so it is better to attempt alternative file recovery methods that could help you to retrieve at least some portion of the lost data.

Data recovery software is one of the options that could help you recover your files. Once you delete a file, it does not vanish into thin air – it remains on your system as long as no new data is written on top of it. Data Recovery Pro is recovery software that searchers for working copies of deleted files within your hard drive. By using the tool, you can prevent loss of valuable documents, school work, personal pictures, and other crucial files.

About the author
Olivia Morelli
Olivia Morelli - PC & Mac repair expert

Olivia Morelli is a young, but a perspicacious IT expert who is currently just a year away from a Bachelor’s Degree in Software Systems. Her primary passion is cyber security, however, thanks to her detailed understanding of computer networks, operating systems and hardware, she can find a fix for any PC or Mac issue...

Contact Olivia Morelli
About the company Esolutions

References


Your opinion regarding “Self-destructing” Signal messages are kept live on Mac version