Comment by nickburns
18 hours ago
Just to clarify, this is within the Signal app settings—not the OS (iOS or Android) system settings.
Critical distinction, as merely changing OS notification settings will simply prevent notification content from being displayed on-screen.
Wait so if I do iOS setting notifications > never show previews it’s still caching them in the background? Unencrypted?
Yes. And technically, from a privacy perspective, it's even worse than that. What's additionally happening is they're still 'syncing' back to Apple servers via APNS (and to Alphabet servers via Firebase on Android)—even with notifications completely disabled, that's correct.
If the app generates them, the OS receives them. That's why the Signal app offers this setting.
>it's even worse than that. What's additionally happening is they're still 'syncing' back to Apple servers via APNS (and to Alphabet servers via Firebase on Android)—even with notifications completely disabled, that's correct.
Source? I don't think either OS implements notification syncing between devices, it's only one way, and as others have mentioned, the actually push notification doesn't contain any message content, only an instruction for signal to fetch and decrypt the message.
4 replies →
Wait... why does Signal need to send notification content to Firebase to trigger a push notification on device? I would instead expect that Signal would send a push to my Android saying nothing more than "wake up, you've got a message in convo XYZ", then the app would take over and handle the rest of it locally.
I also didn't realize that Android stores message history even after I've replied or swiped them away. That's nuts - why!?
23 replies →
Any idea if this works the same or differently for Hidden apps specifically?
Normally no notifications are shown for hidden apps, and even if you unhide the apps, prior notifications which were sent do not reappear IIRC. I'm curious if notifications like that are still hitting the phone into the notifications database, or get silently dropped, or something else.
With notifications disabled APNS push notifications fail for the sending app backend. The device id is rendered invalid if push notifications are disabled at any point. Backends are supposed to handle this and quit sending messages.
Signal has this setting to tell the backend how much information to put into the push message. It can tell the backend to send a simple notification saying “new message” and not send information through APNS or enable it.
I am willing to bet Signal has a notification extension to handle edge cases where there is lag in settings to scrub the message metadata before it dings a screen alert.
Sad to think there is a PostIt note somewhere in Virginia and written on it is a box labelled Signal, with an arrow pointing to a box labelled Apple servers, followed by a smirking smiley face pointing between the boxes with the message “encryption added and removed here”
yes, since apple doesn't control the content of the pushes it is sent by application backends. that can only be controlled within each app
Signal should switch the default to being less verbose.
They should also signal your counterparty's security posture.
Basically, give you a heads up that the other side has settings that make the system less secure.
I'd prefer the receiving end looks at sender's metadata on the message, and uses that to determine where the line is between recipient-convenience and betrayal.
I suppose you could do both, but "Hey I've got something extra important to send you, but it says need to change your settings first please hurry" seems worse than "sometimes I don't get full notifications on my watch, weird."
The default should be "No name or content".
Name only strikes me as a fairer compromise between security and usability.
3 replies →
No it shouldn't. That makes the UX much worse, just to guard against the 0.00001% case where the FBI seizes your iPhone.
Not really, that would discourage use by normies.
users should switch to simpleX
When you put it up against each other it makes perfect sense, but I would never have thought about it in that way!
Thank you for adding this to the conversation.