Push notifications are a mechanism through which applications can send and display notifications to users of smartphones. The infrastructure that drives these notifications in the background is a complex mechanism and not without privacy issues.

Good read. I don’t trust the people who wrote it or who sponsor them, but good read for awareness.

  • XLE@piefed.socialEnglish
    2·
    2 days ago

    I have an issue with this article:

    You would be led to believe that any notification content that is the result of a cloud push would be visible to the server. And in Signal’s case, it isn’t.

    The content of push notifications is fully visible to platforms like Google or Apple.

    It doesn’t provide enough detail, and you’d assume Signal was compromised based on it. (It’s not.)

    What apps are affected?

    In principle, the issue affects all applications that use push notifications as provided by either the Google Play Services on Android or iOS. The issue is, however, particularly salient with social networks, especially secure messengers. When those apps promise they collect very little data about their users and users don’t volunteer any data that makes them identifiable, such as using a throwaway number for Signal

    “What apps are affected? Secure messengers. Including Signal, despite your best efforts” are what people will read.

  • bitfucker@programming.devEnglish
    1·
    2 days ago

    Ironically, using web push and web notification would solve this privacy issue since it falls upon the browser to provide the push mechanism. And browsers can be used without an account unless they want to enshittify that too

  • TachyonTele@piefed.socialEnglish
    4·
    3 days ago

    Agreed, good read.
    Im not surprised. I figure anything digital is tracked in some way. Or can be and just hasn’t been shitified yet.