Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
gruez 4 hours ago

> Apple and Google have put themselves in the middle of most notifications, causing the contents to pass through their servers, which means that they are subject to all the standard warrantless wiretapping directly from governments, as well as third-party attacks on the infrastructure in place to support that monitoring.

>If you don't want end-to-end messages made available to others, set your notifications to only show that you have a message, not what it contains or who its from.

This incorrect on two counts:

1. As per what you wrote immediately before the quoted text, the issue was that the OS keeps track of notifications locally. Google/Apple's notification servers have nothing to do with this

2. It's entirely possible to still have end-to-end messaging even if you're forced to send notifications through Google/Apple's servers, by encrypting data in the notification, or not including message data at all. Indeed that's what signal does. Apple or Google's never sees your message in cleartext.

saagarjha 2 hours ago | parent | next [-]

If Signal wants to show you a notification with message text, it needs to put it on the screen through an OS service. That service was storing the plaintext on the device.

avianlyric an hour ago | parent | next [-]

Through an OS service yes, but not a hosted backend service. Obviously that service has store the notification in plaintext (although everything on an iPhone is encrypted at rest, but notification crypto keys have to stay in active memory for the lock screen to work), otherwise it wouldn’t be able to display the notification text.

Apple support applications sending encrypted notifications, where the OS launches the app the decrypt the notification body locally and pass it back to the OS for display.

Vinnl an hour ago | parent | prev [-]

Yes, but that service is running locally.

mdavidn 4 hours ago | parent | prev [-]

You are correct, but you omitted one complication: Clients trust Google's and Apple's servers to faithfully exchange the participants' public keys.

pcl 3 hours ago | parent | next [-]

Apps (such as Signal) that care about end-to-end encryption do their own key management. So, Apple / Google servers only ever see ciphertext, and don't have access to the key material that's used for the encryption.

toast0 3 hours ago | parent [-]

Afaik, e2e messengers don't include ciphertext with push notifications. It's an empty push to wake the client. Then the client contacts the origin to fetch the ciphertext.

saagarjha 2 hours ago | parent [-]

This is how it used to work; notifications can be encrypted now and Signal uses an extension to decrypt them.

xmx98 3 hours ago | parent | prev | next [-]

Sending public keys through the notification system is an unnecessary complication.

soamv 3 hours ago | parent | prev | next [-]

Which clients?

ls612 3 hours ago | parent | prev | next [-]

Isn’t that what Contact Key Verification solves? Or do I misunderstand how that works?

qurren 3 hours ago | parent | prev [-]

... and hold participants' private keys truly private, which you cannot verify without a rooted phone.