Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
neilv 2 days ago

If you make a Rayhunter, think twice before enabling its smartphone notification feature. The documentation doesn't directly warn, but presumably the notifications leak the fact that you use Rayhunter, and they go through centralized services. (With notifications being practically easier for some parties to check centrally, than how the device appears to the various cellular network towers.)

As situations sometimes become complicated in a locale, I suppose that this leaking could get you flagged as a potential troublemaker, or included in a small pool of persons of interest regarding an event/incident, etc.

(Most people neither think about nor are concerned with such possibilities, but if you find this device fun or interesting, then I'd guess probably you are more likely than the average person to want to reconcile how it works, with your fun/interesting/real threat model.)

Per <https://efforg.github.io/rayhunter/configuration.html>:

> ntfy URL for Sending Notifications, which allows setting a ntfy URL to which notifications of new detections will be sent. The topic should be unique to your device, e.g., https://ntfy.sh/rayhunter_notifications_ba9di7ie or https://myserver.example.com/rayhunter_notifications_ba9di7i.... The ntfy Android and iOS apps can then be used to receive notifications. More information can be found in the ntfy docs.

miloignis 2 days ago | parent | next [-]

Not that I imagine most people would change it, but notably ntfy means that notifications don't have to go through centralized services. (As you can set what ntfy URL you want to use, including to your own server)

neilv a day ago | parent [-]

I guess if you set up an `ntfy` server, and you also run the `ntfy` app on iOS, then the `ntfy` app can do a local notification on the iOS device (without going through Apple APN servers)?

Then it looks like you can probably just do the communication between server and app using HTTP(S), though the app either needs to keep a connection open or poll frequently (with entirely new TCP and possibly TLS connection negotiation each poll time):

https://docs.ntfy.sh/config/

https://docs.ntfy.sh/publish/

`ntfy` is impressive, but there's a lot of implementation to it that could have vulns, there's substantial server config to do, the app-side UX polish isn't great, and the connection method is inefficient. But it might not obviously leak to some centralized thing outside your control (unlike if you do iOS push notifications the normal way).

joezydeco 20 hours ago | parent [-]

The ntfy maintainer is here on HN if you want to send ideas:

https://news.ycombinator.com/user?id=binwiederhier

pcdoodle 2 days ago | parent | prev [-]

I wonder if there's a usb option to get a notification on your PC?