What I don't understand about the whole Signal E2EE model is that while your messages themselves may be encrypted, they are still sending push notifications over Apple's servers, which have to go through APNS. Often the entire message contents can be contained in the push notification.
Does anybody know if Apple's notifications are E2EE? I doubt that gov't doesn't have access to the push notifications...
I believe they are encrypted (and decrypted on device by the Signal app).
They recently had to do some rewriting of the code for iOS15 - they share some comments about that here: https://community.signalusers.org/t/beta-feedback-for-the-up...
Hope it helps
I'm actually surprised they didn't use a notification extension before. They're surprisingly great as an API - I used it to dynamically render preview line chart images for a finance app I worked on a few years ago. Just send over the limited line data, render the image, and you're good to go.
I would (naively) assume that the notification service sends opaque (encrypted) blobs that are processed (decrypted) by the app before display to the user.
I don't know how Signal works but it is possible to send a silent encrypted push notification that the app can decrypt and show as a local notification.
I'm not too familiar with this, but my understanding is that the push notification just wakes up the Signal app, then the Signal app gets the encrypted message (either from Signal's servers or the push notification payload, I'm not sure) and decrypts it client-side and provides the notification text.
Even if the push notifications themselves are encrypted, isn't there still the question of whether Apple store the (App x Notification x User/phone number) graph?
This applies on every single app, and is quite irrelevant as you already trust Apple by using their closed source device. If they want your data, they sure get it.
Unless you only contact Signal users who have verified and compiled the client themselves, you put the same kind of trust in Signal, which specify what data is logged (phone numbers are stored hashed for discovery by other users).
The same may or may not be true for Apple (I have no idea) but claiming it is irrelevant as an answer to a question about whether an _Apple_ technology is encrypted, is mind boggling to me.
I mean, there is always a root for the trust. In this case, the root is Apple. Signal is one leaf below. Compromising root compromises everything.
In this case, root being the device and OS, it has unrestricted access to everything happening by your actions. The data you see on your screen is processed by the CPU, developed by Apple, controlled by kernel, coded by Apple. The can access everything they want.
> Often the entire message contents can be contained in the push notification.
Good grief, why would you do that? Just send a notification that data is ready and the when the app wakes, go get the remainder of the data from signal servers.
I'm guessing here, but wouldn't they just push the e2ee message through APNS? Then decrypt client side. Or does Apple require plaintext messages for push notifications (that seems bad if they do)?
When you craft a push notification server-side, it contains the payload in plaintext. Now, that is probably encrypted in Apple-land, but my point is that the gov't probably has sunk its teeth into Apple already. So, yea signal's encryption may be open source and proven, but I doubt Apple's doesn't have a backdoor.
I mean Apple themselves is telling devs to not send sensitive data in the actual notification
> [...] never include sensitive data or data that can be retrieved by other means in your payload. Instead, use notifications to alert the user to new information or as a signal that your app has data waiting for it.
Not sure if Signal is doing this, but they could send a notification with title "New message" and encrypted payload. The payload can be processed by a client-side notification extension which decrypts the payload and chooses what notification text the user will see.
Not true. The server can send encrypted (not plaintext) payload. The client can then use a NotificationExtension to decrypt the payload as it comes in.
I was wondering about the same thing. I think that signal just sends a message to APNS (and Google’s equivalent) that you have something to look at like a new message or whatever. That makes the app wake up and goes to signals servers for the actual content and the app creates the actual notifications on your device.
Does anybody know if Apple's notifications are E2EE? I doubt that gov't doesn't have access to the push notifications...