Apple fixes bug that cops used to extract deleted chat messages from iPhones

A critical iOS flaw allowed forensic tools to extract deleted messages from notification caches for up to a month.

Deep Dive

Apple has issued a critical software update for iPhones and iPads to patch a security vulnerability that allowed law enforcement to recover deleted messages using forensic tools. The bug, first reported by 404 Media, involved iOS retaining the content of notifications in a device database for up to a month, even after the corresponding messages were deleted or set to auto-delete within secure messaging apps like Signal. This created a significant privacy loophole, as forensic tools could access this cached notification data, effectively bypassing the ephemeral messaging features designed to protect user privacy. The FBI reportedly used this method to extract deleted Signal messages from a suspect's iPhone, prompting Signal's president, Meredith Whittaker, to publicly call on Apple to address the issue.

In a security notice, Apple stated the update fixes an issue where "notifications marked for deletion could be unexpectedly retained on the device." The company has also backported the fix to devices running the older iOS 18 software, ensuring broader protection. The patch closes a retention loophole that alarmed privacy activists, as it undermined a key security feature used by at-risk individuals, such as journalists and activists, who rely on auto-deleting messages to keep conversations secret if their devices are seized. While Apple has not commented on why the notification content was retained, the swift fix confirms it was an unintended bug rather than a designed feature.

Key Points
  • The bug cached message content from notifications in an iPhone database for up to 30 days after deletion.
  • Forensic tools, reportedly used by the FBI, could extract this data, bypassing Signal's auto-delete feature.
  • Apple's fix has been backported to iOS 18, and the issue was highlighted by Signal's president Meredith Whittaker.

Why It Matters

This patch is crucial for user privacy, restoring trust in ephemeral messaging features relied upon by at-risk individuals worldwide.