> I had thought the push notifications were end-to-end encrypted
Much of the metadata is plaintext, in both Apple and Google's Push Notification architecture.
> I had thought the push notifications were end-to-end encrypted
Much of the metadata is plaintext, in both Apple and Google's Push Notification architecture.
My understanding is that in Signal's implementation of push notifications the message text is end-to-end encrypted by Signal and decrypted on device by the Signal app. The decryption is not handled by the OS's push notification system.
If I am reading this right, your understanding is incorrect. Signal's "new messages" push message payload is empty. Upon receiving a message of this type, the Signal app wakes up, fetches the actual messages, and (optionally) displays local notifications for them.
At no point does the push message payload contain message text or metadata, encrypted or not.
This is correct, but the timing of a notification that there is a new message is itself metadata.
So that means iOS is caching the local notifications, not the push event... I wonder why it was needed to begin with, especially for a month