• Chobbes@lemmy.world
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      1
      ·
      edit-2
      11 months ago

      Signal push notifications don’t contain any useful plain text data (no content, no information about who sent you a message). AFAIK the only thing you would be leaking is that you received a message on signal, and frankly that metadata is probably going to be leaked to the US government regardless of your use of push notifications.

      • notenoughbutter@lemmy.ml
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        11 months ago

        frankly that metadata is probably going to be leaked to the US government regardless of your use of push notifications.

        How?

        • Chobbes@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          ·
          11 months ago

          Because your ISP and cell phone provider can tell you’re connecting to signal.

          • Natanael@slrpnk.net
            link
            fedilink
            English
            arrow-up
            2
            ·
            11 months ago

            They can tell you connect to AWS when the Signal app fetches messages after a notification, they need to be able to peek into Amazon’s servers to see you’re connecting specifically to Signal

            • Chobbes@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              11 months ago

              AWS is not a black box from the outside. The signal servers will have their own external IP addresses that you will connect with, your ISP could keep track of those connections. Furthermore, if you are worried that the government is using your ISP to spy, what makes you think that AWS wouldn’t be subject to that as well? Signal is absolutely a target in this respect too.

              Of course you can do various things to potentially hide your connection to signal, for instance by using tor, but in some sense there’s no guarantee if you don’t trust anything external to you. I’m personally not too worried about the “this person uses signal” metadata, though.

      • Still@programming.dev
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        4
        ·
        11 months ago

        it’s not the content in the noti, it’s where your phone was connected when it received it