Can the FBI Intercept Signal Chat Messages?

Forbes recently published a report about court documents in a New York gun-running case that seem to imply the FBI can access encrypted Signal chats.

Court documents obtained by Forbes not only attest to that desire, but indicate the FBI has a way of accessing Signal texts even if they’re behind the lockscreen of an iPhone.

The clues came via Seamus Hughes at the Program on Extremism at the George Washington University in court documents containing screenshots of Signal messages between men accused, in 2020, of running a gun trafficking operation in New York. (The suspects have not yet entered a plea and remain innocent until proven guilty). In the Signal chats obtained from one of their phones, they discuss not just weapons trades but attempted murder too, according to documents filed by the Justice Department. There’s also some metadata in the screenshots, which indicates not only that Signal had been decrypted on the phone, but that the extraction was done in “partial AFU.” That latter acronym stands for “after first unlock” and describes an iPhone in a certain state: an iPhone that is locked but that has been unlocked once and not turned off. An iPhone in this state is more susceptible to having data inside extracted because encryption keys are stored in memory. Any hackers or hacking devices with the right iPhone vulnerabilities could then piece together keys and start unlocking private data inside the device

But this seems to be less about exploiting Signal but instead exploiting vulnerabilities on devices to gain access to Signal (and once you have access to the device, gaining access to messages is not going to be difficult).

Signal’s Moxie Marlinspike made this point on Twitter, responding to a more inflammatory version of the story from Zero Hedge,

They used an iPhone OS vulnerability on an old iPhone they were physically holding to bypass the lock screen. Anyone who can do that can do anything the owner of the phone can do, including open Telegram.

The author of this is pretty obviously intentionally lying to you.

— Moxie Marlinspike (@moxie) February 13, 2021

The Freedom of the Press Foundation has an excellent article from earlier this year, Locking down Signal, that outlines best practices for using encrypted text apps like Signal while avoiding side-channel attacks, where attackers try to use malware or physically hacking a device (such as the FBI apparently did) to get at the messages. As the FPF nicely summarizes it,

The weak points in end-to-end encrypted conversations are the “ends”— the physical devices where the messages arrive in human-readable text.