one more thing: its not actually irrelevant for privacy whether lemmy sends our public comments across google’s push service. we are not anonymous, but we don’t use real names either so it’s partially private, but when google connects your notifications (or just the timestamp of them with comments here), they will be able to figure out what is your account. they can use that information for stalker marketing or give it to the authorities later on
ok. push notifications don’t universally leak your data. apps can receive either the message contents in the push notification, which is unsafe (less so if encrypted), or a ping that there is some kind of a new notification, upon which the app can connect to the server to fetch them. Popular messaging apps probably do the former for some reason. in mattermost its configurable by the server operator but defaults to leaking data. safe messaging apps don’t do this, they just send an empty notification or such, and the app checks in for updates. signal and matrix are like that, but in both cases they wouldn’t even be able to send the message when it is encrypted.
but back to voyager: to be able to use push notifications, the server needs to send them. Lemmy does not have the capability for that, probably not even in the 1.0 version they are working on. so the way for Voyager to fetch notifications is to check in periodically instead of using a push service.
Doesn’t signal use ping notifications and the whole problem was with how the mobile os handles the notifications. From my understanding of the controversy the os stored information from the app when a notification is detected in a local directory (hence why it worked on signal)
yes, it was that the phone was saving notifications to a database, because the notification history feature was not disabled by the user. but that affects non-push notifications too, and it only becomes a problem when your phone is compromised (malware, including police malware)
but if you don’t trust your phone with not leaking your notifications, you shouldn’t trust it not leak what you typed in and what you watch on it either, because the operating system has access to all of these too. in that case you are looking for a better phone brand, maybe even a custom rom that’s known for privacy
wait, I think maybe there is a misunderstanding in what happened in other apps. you are referring to the signal notifications thing, right?
Yes but its not just signal but any app with push notifications
one more thing: its not actually irrelevant for privacy whether lemmy sends our public comments across google’s push service. we are not anonymous, but we don’t use real names either so it’s partially private, but when google connects your notifications (or just the timestamp of them with comments here), they will be able to figure out what is your account. they can use that information for stalker marketing or give it to the authorities later on
You’re right about it not being irrelevant but I was just talking the security of sent messages in Lemmy which can be read by everyone regardless
ok. push notifications don’t universally leak your data. apps can receive either the message contents in the push notification, which is unsafe (less so if encrypted), or a ping that there is some kind of a new notification, upon which the app can connect to the server to fetch them. Popular messaging apps probably do the former for some reason. in mattermost its configurable by the server operator but defaults to leaking data. safe messaging apps don’t do this, they just send an empty notification or such, and the app checks in for updates. signal and matrix are like that, but in both cases they wouldn’t even be able to send the message when it is encrypted.
but back to voyager: to be able to use push notifications, the server needs to send them. Lemmy does not have the capability for that, probably not even in the 1.0 version they are working on. so the way for Voyager to fetch notifications is to check in periodically instead of using a push service.
Doesn’t signal use ping notifications and the whole problem was with how the mobile os handles the notifications. From my understanding of the controversy the os stored information from the app when a notification is detected in a local directory (hence why it worked on signal)
yes, it was that the phone was saving notifications to a database, because the notification history feature was not disabled by the user. but that affects non-push notifications too, and it only becomes a problem when your phone is compromised (malware, including police malware)
but if you don’t trust your phone with not leaking your notifications, you shouldn’t trust it not leak what you typed in and what you watch on it either, because the operating system has access to all of these too. in that case you are looking for a better phone brand, maybe even a custom rom that’s known for privacy