A Mac-specific vulnerability has been discovered in the secure messaging app Signal.
Signal allows you the option of sending ‘disappearing’ messages which are automatically purged from the app after a preset time. This feature is often used for passing on the most sensitive information, to ensure there is no permanent record afterwards. But a security researcher has discovered a serious failing specific to the Mac app …
Motherboard spotted a tweet from Alec Muffett in which he reported that disappearing messages were displayed in the Notification Center – and remained there after they expired in the app.
Motherboard confirmed this, with Muffett saying the bigger concern was where Notification Center content was stored on a Mac, and whether it created a permanent record.
Security researcher and ex-NSA hacker Patrick Wardle investigated and found that it does.
As the piece notes, it’s not a big concern for the average user, as reading the database would require physical or remote access to the Mac while logged-in, but it does create a vulnerability that shouldn’t exist.
“If I’m a nation state [hacking] group, I’m now going to code up a ‘grabSignalMessage’ plugin for my implants,” Wardle said.
You can prevent it happening in future by going into Signal’s preferences pane, selecting Notifications and then ‘Neither name nor message.’ However, existing disappearing messages will remain in the database, which would need to be wiped to remove them.
