PSA: We've received questions about push notifications. First: push notifications for Signal NEVER contain sensitive unencrypted data & do not reveal the contents of any Signal messages or calls–not to Apple, not to Google, not to anyone but you & the people you're talking to. 1/
Conversation
Notices
-
Embed this notice
Meredith Whittaker (mer__edith@mastodon.world)'s status on Tuesday, 12-Dec-2023 06:27:10 JST 
Meredith Whittaker
- Paul Cantrell and clacke repeated this.
-
Embed this notice
Meredith Whittaker (mer__edith@mastodon.world)'s status on Tuesday, 12-Dec-2023 06:27:09 JST
Meredith Whittaker
In Signal, push notifications simply act as a ping that tells the app to wake up. They don't reveal who sent the message or who is calling (not to Apple, Google, or anyone). Notifications are processed entirely on your device. This is different from many other apps. 2/
clacke likes this. -
Embed this notice
Jord_Skole (jord_skole@social.tchncs.de)'s status on Tuesday, 12-Dec-2023 09:03:31 JST 
Jord_Skole
>> the small number...we implement the *battery-destroying...
✋ ^ That's me. I genuinely appreciate Signal accommodating this nascent minority. Signal was once nascent too...
* For me, Android Battery Usage reports <1% Signal "battery-destroying" for last 24 hrs.
iirc M Marlinspike blogged to early criticism of the *choice* to use GCM as one of infrastructure and adoption.
I enjoy Signal and kick in - but still disagree with the choices of GCM/FCM & phone# as UID ...
clacke likes this. -
Embed this notice
MatMaul (matmaul@framapiaf.org)'s status on Tuesday, 12-Dec-2023 15:52:59 JST 
MatMaul
@Mer__edith it's not completely true I believe. I am using @unifiedpush with the ntfy connector and the battery impact is quite minimal, I've used it for quite some time now with Element and Megalodon clients and it seems really reliable. Any chance Signal implements UnifiedPush support please please please 🥺😇?
clacke likes this. -
Embed this notice
Meredith Whittaker (mer__edith@mastodon.world)'s status on Tuesday, 12-Dec-2023 15:53:00 JST
Meredith Whittaker
*(Note, if you are among the small number of people that run alt Android-based operating systems that don't include Google libraries, we implement the battery-destroying push option, and hope you have ways to navigate.) 6/
-
Embed this notice
Meredith Whittaker (mer__edith@mastodon.world)'s status on Tuesday, 12-Dec-2023 15:53:02 JST
Meredith Whittaker
So, while we do not love Big Tech choke points and the control that a handful of companies wield over the tech ecosystem, we do everything we can to ensure that in spite of this dynamic, if you use Signal your privacy is preserved. 5/
clacke likes this. -
Embed this notice
Meredith Whittaker (mer__edith@mastodon.world)'s status on Tuesday, 12-Dec-2023 15:53:03 JST
Meredith Whittaker
Apple simply doesn’t let you do it another way. And Google, well you could (and we've tried), but the cost to battery life is devastating for performance, rendering this a false option if you want to build a usable, practical, dependable app for people all over the world.* 4/
-
Embed this notice
Meredith Whittaker (mer__edith@mastodon.world)'s status on Tuesday, 12-Dec-2023 15:53:04 JST
Meredith Whittaker
What's the background here? Currently, in order to enable push notifications on the dominant mobile operating systems (iOS and Android) those building and maintaining apps like Signal need to use services offered by Apple and Google. 3/
-
Embed this notice
Meredith Whittaker (mer__edith@mastodon.world)'s status on Wednesday, 13-Dec-2023 22:31:02 JST
Meredith Whittaker
@ck @dalias @signalapp There's also a reckoning to be had within the FOSS community IMO, which in the 1990s took its eye off market actors even as it remained vigilant about government surveillance/overreach. The acceptance of corporate tech (and implicitly its surveillance business model), led by folks like ESR via the break from Free software to "open source," did a lot to get us here.
-
Embed this notice
Meredith Whittaker (mer__edith@mastodon.world)'s status on Wednesday, 13-Dec-2023 22:31:03 JST
Meredith Whittaker
@ck @dalias @signalapp this is a very rude comment that misunderstands our choices and commitments. I, also, do not *want* to run corp software. But in a world where a few companies own and/or otherwise control most of the infra we all rely on, INCLUDING choosing which FOSS options receive support (via hiring their maintainers, funding via Linux Found etc), it's an unhelpful fantasy to paint operating in this ecosystem, shaped by these forces/actors, as a "choice" made out of obstinacy/stupidity
Aral Balkan repeated this. -
Embed this notice
ck@chaos.social's status on Wednesday, 13-Dec-2023 22:31:05 JST 
ck
@dalias
The vexing part is that @signalapp (seemingly categorically ) refuses to cooperate with the rest of the FOSS world to integrate with open solutions, which already exist. Instead, their spokespeople like
@Mer__edith prefer to talk down to people who, for whichever reason can't or don't want to run proprietary Google services on their Android phone. -
Embed this notice
ck@chaos.social's status on Wednesday, 13-Dec-2023 22:31:07 JST
ck
@dalias
There are a couple of options for notifications.
The most battery saving design is to have your app being woken up whenever a notification is received. This way, you app does not use battery while there is nothing for it to do. The dominant solution in this space is integrated into Google Play (proprietary). The opposite site of the spectrum, and the solution Signal chose, is for the app to require permission to stay awake all the time polling for notifications.
@Mer__edith -
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Wednesday, 13-Dec-2023 22:31:08 JST 
Rich Felker
@Mer__edith How does it end up being battery-destroying? Shouldn't it just be waiting on a socket that has no data until there's a notification to be processed, with the TCP keepalive set on the socket options so kernel rather than userspace deals with stupid NATs that would otherwise drop it?
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Wednesday, 13-Dec-2023 22:52:03 JST
Rich Felker
@nus No, they do not contribute to battery drain. There is no difference in power consumption between a process that exists but is never scheduled and one that does not exist. One that does not exist to start with, but which gets started from scratch on a triggering event from GCM, is A LOT more expensive.
The kernelspace TCP keepalive has a tiny but nonzero energy cost. It's much smaller than whatever constant network noise Play Services/GCM are keeping up, doing userspace keepalives in Java.
Haelwenn /элвэн/ :triskell: likes this. -
Embed this notice
nus (nus@mstdn.social)'s status on Wednesday, 13-Dec-2023 22:52:04 JST 
nus
@dalias The connection has to remain open, and the app has to remain open to keep the connection open too. Both of those things contribute to battery drain at the same time.
If you can figure out the solution to this, you would be providing a great service to the Android community that nobody before you has been able to figure out.
-
Embed this notice
Daniel Gultsch (daniel@gultsch.social)'s status on Friday, 15-Dec-2023 14:19:55 JST 
Daniel Gultsch
@Mer__edith if your persistent TCP connection drains the phone's battery I think you might have implemented it wrong. How do you think Google Push works under the hood?
Haelwenn /элвэн/ :triskell: likes this. -
Embed this notice
Andre Meister (andre_meister@chaos.social)'s status on Friday, 15-Dec-2023 14:27:59 JST 
Andre Meister
Noone claims the content data of push notifications is significant. But the data connected to the push ID is: A Apple/Google-ID, and everything in it.
While researching for our article, I sent Signal repeated press inquiries. Among my questions was:
"Of all user accounts that Signal had to hand over data to authorities since 2020, how many datasets contained push tokens?"
I still don't have an answer. I still would appreciate one. I'm sure, many other users, too.
Haelwenn /элвэн/ :triskell: likes this. -
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Friday, 15-Dec-2023 14:33:45 JST
Rich Felker
@nus Exactly what I said to lose: ensuring nobody adopts the right way to do this because the person pushing it is intolerable. Awful ppl pushing good ideas are the surest way to bury those ideas.
Haelwenn /элвэн/ :triskell: likes this. -
Embed this notice
nus (nus@mstdn.social)'s status on Friday, 15-Dec-2023 14:33:47 JST
nus
@dalias if these technical points are indeed correct, you will revolutionize open source apps using push notifications overnight. That department has stagnated for over a decade. What do you have to lose?
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Friday, 15-Dec-2023 14:33:48 JST
Rich Felker
@nus Um, no. It's not "looking silly for a little while". It's "being an asshole who mistreats maintainers and having your right technical points rightly overlooked because you were an asshole in how you presented them".
-
Embed this notice
nus (nus@mstdn.social)'s status on Friday, 15-Dec-2023 14:33:49 JST
nus
@dalias well that's kind of the point, isn't it... Either you are correct and you're sitting on what could be one of the greatest advancements in Android history, or you aren't.
With this incredible innovation, surely looking silly for a little while is worth it.
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Friday, 15-Dec-2023 14:33:50 JST
Rich Felker
@nus If I were a maintainer and got a ticket that was "I haven't actually read any of your code but you must be doing something wrong at a very high level, here's how you should be doing it", I would probably be annoyed & think the reporter had no idea what they were talking about on the basis of their lack of social skills. I'm not going to be that reporter. I stand by the high level principles, but taking an actionable report to a project requires having an understanding of what they've tried.
-
Embed this notice
nus (nus@mstdn.social)'s status on Friday, 15-Dec-2023 14:33:51 JST
nus
@dalias if this is as easy as you claim, you should at least file a ticket requesting it from ntfy. You'd be revolutionizing something that nobody has figured out since 2012.
I can't overstate the level of achievement this would be.
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Friday, 15-Dec-2023 14:33:52 JST
Rich Felker
@nus I don't think I have the energy to dig into what it's doing, but on a high level, I'd make it use a background activity that maintains a TCP socket to the server and blocks waiting for input from it. With keepalive set in the socket options so kernel avoids droppage by bad NATs. No execution of any code except when data is received or connection drops & needs to be reestablished.
-
Embed this notice
nus (nus@mstdn.social)'s status on Friday, 15-Dec-2023 14:33:53 JST
nus
@dalias how would you fork this and servers to fix the notification battery issues?
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Friday, 15-Dec-2023 14:33:54 JST
Rich Felker
@nus The problem is just that the entire Android system and app developer scene has minimal understanding of POSIX, basic networking principles, etc. and only knows their Java APIs, which do everything in the worst possible ways. I'm not saying anything profound here, but they won't listen regardless...
All GNU social JP content and data are available under the