Home / Technology / Apple Fixes Deleted Notification Snooping Flaw
Apple Fixes Deleted Notification Snooping Flaw
23 Apr
Summary
- iOS update patches a flaw allowing access to deleted push notifications.
- Law enforcement agencies used the flaw to bypass privacy measures.
- Update enhances data redaction for improved user privacy.
A significant security vulnerability in Apple's iOS, which allowed law enforcement to access deleted push notifications on iPhones and iPads, has been resolved by the latest update. This flaw represented a way for agencies, including the FBI, to bypass Apple's user privacy protocols.
The update, iOS 26.4.2, specifically targets an issue where notifications intended for deletion were unexpectedly kept on the device. Apple states this fix implements "improved data redaction" to prevent such occurrences.
This vulnerability came to light after reports detailed the FBI's use of a tool to access even deleted Signal notification data stored locally on an iPhone. Signal's CEO had previously acknowledged the issue, urging Apple to address it and advising users to adjust notification settings to limit visible content.
The Electronic Frontier Foundation (EFF) notes that notification privacy is vulnerable both in transit through company servers and on local device storage. Apple's update aims to make deleted notifications inaccessible, though the EFF also suggests limiting the information displayed in notifications proactively.
