• Chobbes@lemmy.world
    link
    fedilink
    English
    arrow-up
    11
    arrow-down
    1
    ·
    edit-2
    11 months ago

    Signal push notifications don’t contain any useful plain text data (no content, no information about who sent you a message). AFAIK the only thing you would be leaking is that you received a message on signal, and frankly that metadata is probably going to be leaked to the US government regardless of your use of push notifications.

    • notenoughbutter@lemmy.ml
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      11 months ago

      frankly that metadata is probably going to be leaked to the US government regardless of your use of push notifications.

      How?

      • Chobbes@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        11 months ago

        Because your ISP and cell phone provider can tell you’re connecting to signal.

        • Natanael@slrpnk.net
          link
          fedilink
          English
          arrow-up
          2
          ·
          11 months ago

          They can tell you connect to AWS when the Signal app fetches messages after a notification, they need to be able to peek into Amazon’s servers to see you’re connecting specifically to Signal

          • Chobbes@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            11 months ago

            AWS is not a black box from the outside. The signal servers will have their own external IP addresses that you will connect with, your ISP could keep track of those connections. Furthermore, if you are worried that the government is using your ISP to spy, what makes you think that AWS wouldn’t be subject to that as well? Signal is absolutely a target in this respect too.

            Of course you can do various things to potentially hide your connection to signal, for instance by using tor, but in some sense there’s no guarantee if you don’t trust anything external to you. I’m personally not too worried about the “this person uses signal” metadata, though.

    • Still@programming.dev
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      4
      ·
      11 months ago

      it’s not the content in the noti, it’s where your phone was connected when it received it