- cross-posted to:
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
Apple admits to secretly giving governments push notification data::Apple to update transparency report to break out push notification data requests.
Oof that’s bad.
Although it should be noted that in well designed apps this should only be metadata. The push notification should just tell the phone that “content is available”, which will power up the CPU, launch the app in the background, download your actual message/etc, decrypt it, and finally put a notification on the lock screen.
Metadata is obviously useful to law enforcement, but unless the app is really poorly written they shouldn’t be getting your actual notification alerts. Those should be E2EE and therefore can’t be disclosed.
Unfortunately the notification system does allow messages to be sent without encryption. Perhaps they should remove that feature.