Signal’s Disappearing Messages Feature Fails to Delete Chats Reliably

Journalists at Vice Motherboard have discovered a new bug affecting the disappearing messages feature in the Signal messenger app. Due to this recently introduced issue, messages set to self-destruct do not always disappear as intended.

Background: Signal’s Role in Secure Communication

In recent years, many journalists have followed cybersecurity experts’ advice to use Signal as a secure alternative communication channel. Both media outlets and their sources often rely on the disappearing messages feature, which is designed to erase chat logs after a set period.

However, Motherboard reporters noticed that this feature has not been working as expected lately. Their analysis of several disappearing message conversations revealed that the app often deletes only one side of the chat, while the other side remains accessible even after the deadline has passed.

Examples of the Bug in Action

• In one case, a message received on May 22, 2018, was supposed to be automatically deleted after a week, but it remained visible for two and a half weeks.
• In another instance, messages sent on May 22 disappeared only partially: the app deleted just one side of the conversation, erasing only the recipient’s replies. On the recipient’s device, a similar situation occurred, but only their own messages were preserved.

Journalists also noted that in these cases, expired disappearing messages were marked as “sent” but not as “read,” even though they had been read and replied to.

Signal’s Response and Fixes

Motherboard reached out to Moxie Marlinspike, founder of Open Whisper Systems, the nonprofit behind Signal. He confirmed the existence of the bug but assured that it appeared only recently, affected a limited number of users and messages, and was present only for a short time—up until the release of Signal for iOS on May 22, 2018. According to Marlinspike, all disappearing messages sent after that date should be deleted as intended, and users can manually remove any expired messages affected by the bug. He also promised that a future Signal update would automatically clean up any bugged conversations.

Related Issues on Other Platforms

Last month, cybersecurity specialist Alec Muffett discovered a similar problem in the Signal desktop client for Mac. Copies of disappearing messages (or parts of longer messages) were being saved in the operating system’s database, specifically in the Notification Center, where they could be read even after being deleted from Signal itself.

Although the two issues are unrelated, Motherboard journalists caution that Signal should not be considered a truly secure communication channel and that users should not rely solely on the disappearing messages feature for sensitive matters.