Yeah! Not sure why nobody is talking about this (or at least not enough people). I see so many people being mainly concerned with the content of push notifications (ehem Meredith Whittaker) but not addressing the far more interesting concerns.
Everything from that Xitter thread, but also I would be interested if services make any effort to make it harder to correlate a push token from Apple/Google with the actual user account. I could imagine some solutions for that, not really trivial though. Because even if Signal does not store a lot of data that they can give out about user accounts, if LE can trivially link that to an Apple ID, you might get into trouble through that. Not what I expect from a privacy-conscious communications app.
Well, personally of course Iām on google-free GOS anyway and nothing touches FCM or Appleās Push servers, but still I also need protection for the people I talk to.
If you disable push notification entirely for an app does this mitigate in some way? Iām thinking something like proton mail where I donāt really need an instant notification of a new message.
Another very important question that app devs are not really answering. Hell, even for instant messanging, it would be good (and important!) to at least have the option. Why is there no Signal FAQ entry by now on their site that states this very clearly: Is anything alleviated by disabling push notifications or do Signal servers still send crucial metadata out to Apple/Google servers? The notifications ultimately not reaching the device (or just not being displayed, even that is not being explained) means nothing in this regard. It should be transparent what information is given from the service provider to Apple/Google and in what exact circumstances. This is not Farmville, but these are alledgedly very security and privacy-focused communication solutions.
Well true, actually might be a good idea to reconfirm this on the website as many people have apparently heard about this story. It could be a good criteria for a messenger.
Tuta was way ahead in this department. Proton is already susceptible to Apple/Google Push notification theft, since they also reveal the mail titles as well as the sender mail, which is very insecure tbh
This claim is false and has already been refuted in the thread. Proton encrypts notifications on both iOS and Android so that neither Apple, Google nor any government can spy on them.
Even though Signal supports notifications outside Google Services, it also encrypts them like Proton. No difference, afaik. It depends on the implementation.
Even encrypted it can be preferable to avoid routing the encrypted message contents (by way of the notification) through extra servers. The implementation of this is not always made clear. I believe on iOS just simply disabling show previews does not mean the notification preview, and thus message content preview, are not still included in the encrypted contents of the notification.