Apple fixes vulnerability, US police once used it to extract deleted chat records from Apple phones.

Apple pushed software updates for iPhone and iPad this Wednesday, fixing a security vulnerability. The US law enforcement agencies were previously able to exploit this vulnerability to extract chat messages that had been manually deleted or had automatically disappeared from communication apps. The vulnerability was due to the fact that notification information displaying message content would be cached locally on the device for up to a month. Apple stated in a security advisory on their website that this vulnerability could result in deleted notification content remaining on the device. This incident is clearly related to an event exposed by the independent media 404Media earlier this month. The media revealed that the FBI was able to extract deleted messages from Signal app on Apple phones using electronic forensic tools. This was because the messages had been displayed in the phone's notification bar, so even if the user deleted the messages within the app, the related content would still be stored in the phone's local database. After the revelation of the messages, the CEO of the encrypted messaging app Signal, Moxie Marlinspike, stated that the app had requested Apple to address this issue. Marlinspike posted on the social platform Bluesky, saying that the notification content of deleted messages should not be kept in any operating system's notification database.