this post was submitted on 01 Mar 2024
148 points (99.3% liked)

Technology

59373 readers
8352 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
L4s@lemmy.world
L3s@fry.gs
L4s@fry.gs
enu@lemmy.world
148
Phone Push Notifications: A Double-Edged Sword for User Privacy and Law Enforcement (www.theregister.com)
submitted 8 months ago by Squire1039@lemm.ee to c/technology@lemmy.world
19 comments fedilink hide all child comments
 

Summary:

  • US courts have received over 130 requests from law enforcement to access push notification data from phones, reported the Washington Post.
  • This data can reveal a user's location, device details, IP address, and more, even if they use encrypted messaging apps.
  • This raises concerns about privacy, as prosecutors and foreign governments could potentially access this data for various reasons.
  • While Apple and Google are promising more transparency regarding data requests, security experts highlight the potential for abuse by governments and marketing organizations.

Key Points:

  • Push notification metadata includes information like the app receiving the notification, timestamp, and network details.
  • This data is not encrypted and can be used to track user movements and activity.
  • Law enforcement can use this data for investigations, but it also raises concerns about potential misuse by other parties.
  • Experts recommend increased awareness about the information users share through push notifications and the potential privacy risks involved.
you are viewing a single comment's thread
view the rest of the comments
[–] JackGreenEarth@lemm.ee 14 points 8 months ago (12 children)

Why is this connected to the Internet? Aren't the notifications coming directly from the app, why do they need to be connected to a server?

[–] Fisch@lemmy.ml 24 points 8 months ago (6 children)

If every app on your phone was constantly running and asking the server for new messages, it would drain a lot of battery. That's why phones instead use a single app that asks a notification server if any new notifications are there. The way it works is if you e.g. get a WhatsApp message, the WhatsApp server tells the notification server that you have a new message, then when the notification app asks that server for new messages, the server will tell it that there's a new WhatsApp notification. Then the notification app wakes up WhatsApp and tells it there's a new notification, then WhatsApp checks for new messages and shows you the notification.

Most apps use Apple's system (whatever it's called) on iOS or Google's Firebase on Android for that. There are also apps that let you use the open standard UnifiedPush, which let's you use any notification app or server you want.

[–] Rodeo@lemmy.ca 3 points 8 months ago (1 children)

How does the notification daemon in Linux work? It's all local and has been around for ages, why can't we do that?

[–] Fisch@lemmy.ml 8 points 8 months ago

The applications just run in the background the whole time. KDE was working on implementing UnifiedPush in Plasma but I don't know if it's already implemented or still in the works.

load more comments (4 replies)
load more comments (9 replies)