Unknown iOS flaw accidentally revealed by FBI investigation

Technology, for better or worse, is now proving to be a huge factor in crime investigations across the world.

While it's had varying success at times when it comes to artificial intelligence, particularly when using facial recognition to assist in crimes but then identifying the wrong person, there's no doubting that the online world can be key to identifying and hopefully eradicating future threats.

That proved to be the case in a recent trial over in Texas, as an FBI investigation used modern technology to forensically extract copies of messages from the defendant's phones, and while it proved helpful in this case, it actually exposed a potential flaw in Apple's iOS systems in the process.

A group of people had set off fireworks and vandalised the property at the ICE Prairieland Detention Facility in Alvarado, Texas last July, with one shooting a police officer in the neck.

A key factor in the trial proved to be the messages sent by the defendants on the encrypted messaging app Signal, with the FBI able to extract copies of those messages even after the app had been deleted, after several were saved in the device’s push notification database.

The FBI investigation took place after an Antifa protest at an ICE facility in Texas (Getty Stock)

FBI Special Agent Clark Wiethorn testified about the evidence after 'Antifa' member Lynette Sharp was arrested and her phone seized, with president Trump recently labelling the group a domestic terrorist organisation.

A summary of Exhibit 158 published on a group of supporters’ website says, “Messages were recovered from Sharp’s phone through Apple’s internal notification storage—Signal had been removed, but incoming notifications were preserved in internal memory. Only incoming messages were captured (no outgoing).”

This is an interesting development as it emphasises how encrypted messages from secure apps can still be accessed even after they are deleted, and anyone who wants to avoid this will have to turn on a specific feature.

A supporter of the defendants who was present during the trial told 404 Media: “We learned that specifically on iPhones, if one’s settings in the Signal app allow for message notifications and previews to show up on the lock screen, [then] the iPhone will internally store those notifications/message previews in the internal memory of the device."

As per 404 Media: In the Notifications menu under Settings in the Signal app, users can change what Notification Content appears. This includes Name, Content, and Actions; Name Only; and No Name or Content. However, it's unlikely that this push notification issue is limited to just the Signal app.

Push notifications can be accessed even after the app is deleted (Getty Stock)

Attorney Harmony Schuerman took notes which read: "They were able to capture these chats bc [because] of the way she had notifications set up on her phone—anytime a notification pops up on the lock screen, Apple stores it in the internal memory of the device.

Another supporter of the group added: “I was in the courtroom on the last day of the state's case when they had FBI Special Agent Clark testifying about some Signal messages. One set came from Lynette Sharp's phone (one of the cooperating witnesses), but the interesting detailed messages shown in court were messages that had been set to disappear and had in fact disappeared in the Signal app.”

All defendants in the trial were found guilty of multiple charges.

So, it just goes to show that even when we think we are being careful on the internet or on our phones, there are always likely to be methods to expose exactly what we've been saying, buying or looking at, which feels a lot like George Orwell's '1984'.

Amid the news that Ring is also installing an AI feature which is essentially a neighbourhood watch, it may well soon be the case that we are always being watched.

LADbible group has contacted Apple for comment.