- cross-posted to:
- privacy@lemmy.world
- cross-posted to:
- privacy@lemmy.world
It always bears repeating, push notifications are not private, neither for Android, GrapheneOS, nor iOS, even if you use end-to-end encryption. If you are privacy conscious, you should either use settings to hide sensitive data from push notifications or turn them off altogether.
If you turn off notification history on Android, should be enough to avoid such “attacks”. Hiding sensitive content inside notifications only hides it in the lock screen. If your OS keeps a clear log of them, it’s useless.
Edit: didn’t know Signal actually has settings to hide their own notifications. I was thinking about Android’s “hide sensitive content” setting.
Notifications go through FireBase Cloud Messaging (FCM) on Android. They bounce off a Google server. Even from local, on-device apps.
Same with iOS.
They can read and store every one of them, and you don’t control the encryption keys.
But they only instruct Signal to wake up and download whatever is waiting. They don’t contain the message contents.
By not having Google Play Services, isn’t this prevented?
If you don’t use Google Play Services, you don’t get push notifications, so yes. Libre reimplementations of Google Play Services such as Gapps etc. or alternative push notification providers do not circumvent this issue, except possibly self-hosted push notification providers. This approach is really rare though and limited generally to very few apps.
If I turn off notifications on my end, does the other person still generate a push notification when they send me a message, even if I never receive it?
Edit: Sorry, I think I misunderstood your question. If you don’t have Google Play Services enabled but your friend does and messages you, no, a push notification won’t be sent, but if you message them, one will be sent to them.
I thought you were asking if you just disabled notifications on your phone if that would prevent push notifications from being sent. I’ll leave my original answer in case someone else has that question.
It depends on what exactly you mean, but usually not. If you mean in your phone’s notifications management settings, that does not affect the push notifications being sent to Google/Apple servers, that’s just a local setting to decide how your phone handles it.
Some apps, though rarely, allow you to disable push notifications from being sent. If it exists, this is inside a settings screen in the app itself or on the app provider’s website somewhere. Generally, only privacy-conscious apps provide such settings.
So how does it decide to generate a push notification or not?
iPhones save old notifications in a database? Why?
So it can relay notifications across devices like your Apple watch, macbook, iPad and iToilet
iToilet
Brings new meaning to piece of shit device.
Android does this too (ETA: by default). There’s a history. You can set Signal to not display message content in notifications.
Notification history is off by default in GrapheneOS…so that is nice.
two different things, it won’t stop relay history
I really want to convert my pixel but I’m so damn lazy.
Mostly worried about losing TOTP apps and configurations. I really should be backing those up.
You can export them from the Google authenticator app and import into something like keepassdx. Its a bit of a workaround doing such, having to read the data from the QR code but entirely possible.
Mine sync between devices using Syncthing, merging forked credentials is easy enough to fix too with the desktop app.
Aegis works perfectly. My university used Duo and then Okta, and both worked. I was unable to get Authy to work, though.
You should really not be backing them up. You should be saving and securing your recovery codes.
What’s the purpose of keeping a history of seen notifications in a database? That shit should be being automatically purged if it needs to exist to show it, after its been dismissed.
I wonder if this revelation will trigger a change in how it works, since apple has often tried to do things securely?
My android shows a history of notifications. Not sure what the retention period is. It does add conveniece by allowing me to check dismissed notifications. It allows some monitoring about the type, content, and frequency of notifications as well as control to block them.
It certainly now appears the convenience isn’t worth the loss of privacy, though.
How do you see them
Settings>notifications>notifications history on my pixel. Looks like just 24 hours of history, including the content
If you accidentally dismiss a notification, you can go back in the history to see it. Or if you dismiss a message notification that you want to respond to later. Or if a notification keeps popping up and disappearing and you want to investigate.
I just checked if there were any controls for this on Android. As far as I could tell, you can only toggle it on/off.
Off clears the history, but I wish we could do more than all or nothing. I don’t need a history of more than a week at most.
I have it turned on. It only shows the last 24 hours.
doesn’t signal use empty notifications by default?
For the push notification yes. Once it pulls the message and creates the full notification with preview, that can be added to the local notification history.
End-to-end encryption is the final boss of false-sense-of-security.
Like, it’s great and all, but it’s not universal perfect privacy the way a lot of people seem to hold it up as if it were. You have to understand what it’s actually defending against, and who might be blocked by that, and more importantly, who won’t be. Because the list of potential adversaries it is actually useful against are becoming narrower and increasingly out-of-date.
Encryption alone prevents the messages being read in transit between you and Signal, and obviously that’s fundamental basic security at this point. Signal being end-to-end encrypted prevents your messages being spied on by Signal, but ironically they’re probably one of the most trustworthy actors in this whole chain, so the fact that it’s protected from them, while commendable, is not particularly valuable security. They were probably not the ones going to spy on you in the first place. They have prevented themselves from being capable of doing so, and that’s good, but if that’s all you’re worried about and you now think your privacy problems are solved, you’re completely missing the point because instead of Signal themselves, you need to be worried about the guy currently standing over your shoulder with his camera filming.
Treat your phone and your Windows computer like they are permanently compromised with a rootkit taking continuous screenshots of everything you do and feeding that to their big tech overlords, because they might as well be.
For that matter, even Linux PCs still have their black box “intel management engine” or similar processor running constantly and potentially watching everything you do, although I don’t believe they actually do that in any reasonable case, we need to understand they have both the capability and the motivation to be, at least in some cases, compromised by adversaries which may include (but are not limited to) tech companies and governments. You can’t even trust your “dumb monitor” unless you’ve audited every chip inside it, you’ll never know if it could be scanning everything on your screen and feeding it back through HDMI/DP back-channels or even through powerline networking. You also don’t know if the same kind of things could be happening on the other side that you’re sending/receiving from. Sure the network trip is protected, but that’s hardly the only place you’re vulnerable to interception.
That probably all sounds paranoid and extreme and improbable, and it is, but the point is end-to-end encryption does nothing to help you against any of that, so don’t make the mistake of assuming you’re 100% safe because it’s end-to-end encrypted. The “end” is not what you think it is and it’s not paranoid to at least understand that and accept the risk with the understanding.
I realize I am probably preaching to the choir here, and most of you probably understand this as well as I do. But I’m also pretty sure a lot of people truly believe it’s more secure against eavesdropping than it actually is and that needs to change. The surveillance state is adapting and expanding rapidly and I fear they’ve started getting ahead of many of us. Beware, and plan carefully in the months and years ahead.
Ahem may introduce you to OpenBSD
deleted by creator
Somewhat like it, but with different operational goals.
FreeBSD focuses on wide hardware compatibility and very high speed.
OpenBSD focuses on security, exclusively. It’s slower and with a narrower range of supported hardware, but a MUCH higher effort in security, assurance and audit.
So, the fact that some bugs have been found in FreeBSD is more or less irrelevant to the security of OpenBSD
You may not be aware, but find it interesting that MacOS is also a BSD variant, and there was a distro called NetBSD which was (is?) focused on what you’d expect from the name of it.
Another thing you might not know is that the OpenBSD folks also publish OpenSSH which is a very well regarded and widely used package.
Of course all software is subject to bugs/error/vulnerabilities and OpenSSH as well as OpenBSD are constantly being reviewed, revised and audited for potential security issues.
Use Molly as your Signal client instead. It solves this.
Molly is always the answer.
Hehe.








