Mastodon Feed: Post

Boosted by dysfun@treehouse.systems ("gaytabase"):
brian_greenberg@infosec.exchange ("Brian Greenberg :verified:") wrote:

Quick thought experiment. Pull out your phone, look at your lock screen, and ask yourself who else is reading those notification previews. The answer is stranger than you think.

EFF just laid out what most people don't realize: push notifications usually route through Apple or Google servers before they hit your device, often with content visible in the clear. Then they get written to a local notification database that doesn't always get wiped when you swipe the alert away or even when you uninstall the app. 404 Media reported the FBI has pulled deleted Signal message text out of that database using standard forensic tools. Signal. The app you installed specifically because you didn't want this.

๐Ÿ” Apple and Google now require a court order for push notification data, but Apple's transparency report still shows hundreds of users handed over
๐Ÿ“ฑ Lock screen previews are a free read for anyone who picks up your phone, including at a border crossing or traffic stop
๐Ÿงน Uninstalling an app does not guarantee its notification history goes with it, and we don't know what gets backed up to iCloud or Google
๐Ÿ› ๏ธ Signal's notification setting "No Name or Content" is a 30-second fix that closes the easiest leak

For the security folks, this is a useful reminder that end-to-end encryption ends at the endpoint, and the endpoint includes a SQLite file most users have never heard of. For the executives, this is the reason your travel security policy for high-risk regions should say more than "use Signal." The default settings on a stock iPhone leak more than the app you chose to protect you.

https://www.eff.org/deeplinks/2026/04/how-push-notifications-can-betray-your-privacy-and-what-do-about-it
#Privacy #Cybersecurity #MobileSecurity #security #cloud #infosec