How the FBI Recovers “Deleted” Signal Messages via iPhone Notifications

Popular encrypted chat applications such as Signal, Telegram, and WhatsApp are built to provide strong privacy.

The reason for this is that they use end-to-end encryption; thus, messages can only be seen by their sender and recipient. No one else can see them, not even the company that made the application. While this might seem very secure indeed, there have been cases proving the opposite.

During a trial held in Texas, the FBI managed to recover deleted Signal messages. Interestingly, the chat and Signal had been removed from the iPhone long before the investigation began.

It was believed that no messages could be extracted, since they had expired within the application, something that was allowed within Signal’s policy. However, partial messages were found.

Why OS Features Can Bypass App Encryption

What is interesting about this case is that the recovery was possible because of a feature of the device itself, not of the app. On iPhones, there is an option that allows saving all received messages to the notification center.

Every time a new message is received, it is presented on the screen, and the notification might include the message text. In other words, this feature creates a second copy of the message.

In this case, the FBI was able to get to those stored notifications through forensics. They were able to retrieve incoming messages but not outgoing messages. This is because the phone was storing only notifications, and notifications contain only received messages.

Credits: Forbes

This point is significant because it shows that strong encryption does not protect against everything. The application might be strongly encrypted, but the smartphone itself may be leaking information. The weak link here was not the app, but the OS running it.

Signal offers some ways to mitigate this risk. The app allows adjusting its notification settings. It is possible to choose between hiding messages, displaying names only, and completely disabling notifications. Each of those choices reduces the information stored on the phone outside the app. In this case, no adjustments had been made to the notification settings.

It is understandable why the person made such a choice. Convenience matters. People want their phone to display notifications right away. However, with each feature comes the chance to reveal some information.

But the problem isn’t specific to Signal either. Any application that previews its messages in push notifications could have a similar weakness. Some allow extensive customization. Others provide less flexibility.

Why the FBI Targets Device Endpoints Over Encryption

There is another trend worth mentioning. Law enforcement and government agencies tend to concentrate on devices rather than encryption. It is easier to obtain the data after it has been decrypted on the device than to break the encryption itself. In other words, it doesn’t take much effort to hack into a device and read its content without breaking any cryptographic algorithms.

It was also noted that some firms have provided notification data to the authorities in particular instances. The requests depend on the laws and jurisdictions. These firms don’t comply with every request from government agencies, but such data exists.

This issue has been discussed by security researchers for years. It is impossible to create an absolutely safe system, and much depends on how users utilize their devices and set up their applications. When someone takes control of a smartphone, they can easily read encrypted messages that have already been decrypted by the application.

The takeaway for regular users is clear. The encryption is reliable, but it isn’t everything. Device settings are important. Notification settings are important. Simple habits are important.

Securing the Digital Footprint

If privacy matters to someone, they should take a look at their notification settings. Disable message previews. Lock access to apps. Update the device. Do not show any personal information on the lock screen. This will minimize the risk of leaving any personal information outside the app.

Security solutions aren’t flawless. Every security measure has its own limitations. Applications can secure the transmission of data and stored messages. But when a message appears on a screen, it leaves footprints.

This story doesn’t prove that using an encrypted messaging application isn’t safe. However, it clearly demonstrates that security should be layered. Even the most secure solution might have weaknesses. In this instance, the weak point wasn’t the application but the phone itself.
