Enlarge / You may want to nicely ask your friends who use Signal on the Mac desktop to change their notification settings.

Signal, the privacy-focused voice and text messaging application, offers an attractive bit of operational security: ephemeral text messages that “self-delete” after a predetermined amount of time. There is just one small problem, however, with that feature on the Mac desktop version of the application, as information security consultant Alec Muffett discovered: if you sent a self-deleting message to someone using the macOS application, the message lives on in macOS’s Notifications history.

#HEADSUP: #Security Issue in #Signal. If you are using the @signalapp desktop app for Mac, check your notifications bar; messages get copied there and they seem to persist — even if they are “disappearing” messages which have been deleted/expunged from the app. pic.twitter.com/CVVi7rfLoY

— Alec Muffett (@AlecMuffett) May 8, 2018

Ars reproduced the problem, which Patrick Wardle of Objective See conducted a particularly deep dive on—revealing that the problem is in part a bug in the way Signal handles calls to the macOS notification system, and in part is just how macOS notifications work.

Messages that self delete from Signal still show up in notifications