Comment by HumblyTossed

2 years ago

It should only[0] be meta data, though. The push notification should signal the app that there is data to fetch, then the app goes and fetches it. The push notification itself should carry none of the data.

[0] still bad though and they should stop.

22 comments

HumblyTossed

MaxikCZ 2 years ago

I so hate when people put words "only" and "metadata" in the same sentence...

     They know you rang a phone sex line at 2:24 am and spoke for 18 minutes. But they don't know what you talked about.

    They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains a secret.

    They know you got an email from an HIV testing service, then called your doctor, then visited an HIV support group website in the same hour. But they don't know what was in the email or what you talked about on the phone.

    They know you received an email from a digital rights activist group with the subject line “Let’s Tell Congress: Stop SESTA/FOSTA” and then called your elected representative immediately after. But the content of those communications remains safe from government intrusion.

    They know you called a gynecologist, spoke for a half hour, and then called the local abortion clinic’s number later that day.

2OEH8eoCRo0 2 years ago
It's important but what do we do about it?
You're using the internet afterall which isn't your network- it's someone else's! When you send a packet there is a header w/ information required for routing. Some call this the "outside of the envelope" if using the mail analogy. We can pass the buck by using a VPN but this also adds a VPN org that we need to trust. On the other hand, it's not your network! Why do you think you have a right to absolute secrecy and anonymity on someone else's network?
- g-b-r 2 years ago
  
  So every person in the world should build his own "network"?
  
  5 replies →
Spivak 2 years ago

Push notifications don't signal an active line of communication like that though nor do they connect who's talking, only the means. In all your examples the equivalent would be "They know someone called you."
"They know you got a push from McDonalds at 11am"
"They know you got a Slack message at 2pm"
All metadata is not created equal.
HumblyTossed 2 years ago
Dude, did you read my point? I said it was still bad.
- acdha 2 years ago
  
  I don’t agree with them plagiarizing the EFF’s blog post[0] but I think it is a mistake to use “only”. Both can be damaging and neither is clearly more or less bad since so much depends on the circumstances – like if the police have compromised one party in a conversation, they already have the payload so the real risk would be things like location data. We should probably treat both of those as equivalent risks until enough specific details about a situation are available to say which is riskier.
  0. https://ssd.eff.org/module/communicating-others
  
  1 reply →
- fsflover 2 years ago
  
  "Still bad" strongly underestimates the problem. Metadata often is more important than the data as demonstrated in the above examples.
  
  7 replies →

watchblob 2 years ago

[flagged]