- cross-posted to:
- pulse_of_truth@infosec.pub
- cross-posted to:
- pulse_of_truth@infosec.pub
“App developers can encrypt these messages when they’re stored (in transit they’re protected by TLS) but the associated metadata – the app receiving the notification, the time stamp, and network details – is not encrypted.”
But there’s also UnifiedPush. If apps used that, you could just selfhost that server. A lot of open source apps do use it. I, for example, have a phone with MicroG and I didn’t enable cloud messaging. I also have a Nextcloud server, where I installed the UnifiedPush provider and I use NextPush on my phone as the UnifiedPush app. Works great and that way a lot of apps I have don’t need to run in the background constantly.