Push notifications are a mechanism through which applications can send and display notifications to users of smartphones. The infrastructure that drives these notifications in the background is a complex mechanism and not without privacy issues.
Good read. I don’t trust the people who wrote it or who sponsor them, but good read for awareness.
You would be led to believe that any notification content that is the result of a cloud push would be visible to the server. And in Signal’s case, it isn’t.
The content of push notifications is fully visible to platforms like Google or Apple.
It doesn’t provide enough detail, and you’d assume Signal was compromised based on it. (It’s not.)
What apps are affected?
In principle, the issue affects all applications that use push notifications as provided by either the Google Play Services on Android or iOS. The issue is, however, particularly salient with social networks, especially secure messengers. When those apps promise they collect very little data about their users and users don’t volunteer any data that makes them identifiable, such as using a throwaway number for Signal…
“What apps are affected? Secure messengers. Including Signal, despite your best efforts” are what people will read.
I have an issue with this article:
You would be led to believe that any notification content that is the result of a cloud push would be visible to the server. And in Signal’s case, it isn’t.
It doesn’t provide enough detail, and you’d assume Signal was compromised based on it. (It’s not.)
“What apps are affected? Secure messengers. Including Signal, despite your best efforts” are what people will read.