Nostr Web Client

New research shows 11 of 21 "secure" messaging apps leak user data to Google's push notification servers - including 4 that leak message contents. None disclosed this in their privacy policies. Signal, WhatsApp, and Threema got it right.

https://arxiv.org/abs/2407.10589

We're working on a MIP for private notification architecture on iOS and Android for nostr:nprofile1qqs8t4ehcdrjgugzn3zgw6enp53gg2y2gfmekkg69m2d4gwxcpl04acpzamhxue69uhhyetvv9ujuurjd9kkzmpwdejhgtcppemhxue69uhkummn9ekx7mp0w3radp, please review!

https://github.com/marmot-protocol/whitenoise-rs/discussions/388

Reply to this note

Please Login to reply.

Discussion

Marc 1mo ago

That's terrible.

Max 1mo ago

Wait... WhatsApp is actually good?

AU9913 1mo ago

Once y'all have amber integrated I will use it as a signal backup.

Once notifications work, I will start using it as a daily driver.

Once I can send gifs, it will become my primary.

Max 1mo ago

That's a good roadmap.

FYI android has great notifications already now (without google play services)

AU9913 1mo ago

That's good! I just haven't really done anything besides log in, plug in a random nsec and poke around. Until I have amber there's no one I want to talk to lol

observer👁️🌐 1mo ago

What about #unifiedpush support for #whitenoise ?

Max 1mo ago

Unified push doesnt work on iOS, and on Android we can just keep the websockets open in the background without any third party notification server.

So probably not.

nathanael 1mo ago

every app having their own websocket is a bad idea. will probably not use whitenoise if this stays true

Max 1mo ago

What's the alternative?

Pokey doesn't support marmot groups out of the box, and if would probably be nontrivial to implement that there.

nathanael 1mo ago

unifiedpush

greenart7c3 1mo ago

Better to implement something in pokey for Android if you need to connect to relays when you receive a notification

When I had unified push in amber the app couldn't connect to the internet unless the user opened the app or it still in memory

To bypass this I had to keep it running as a service all the time

Maybe it works without a always on service if you use something like work manager

Max 1mo ago

Thing is that the outer marmot events only have a random and often changing group ID.

Is it possible for White Noise to give the new group IDs to Pokey in the background for listening?

Max 1mo ago

nostr:nprofile1qqsxg45ph8gx0vdrvtzta6xal7v86frx6jvstsnvhrlvtehmwwh4epqpz4mhxue69uhksar5wpej7tmwdaejumr0dshsz9thwden5te0wfjkccte9ejxzmt4wvhxjme0qydhwumn8ghj7mn0wd68ytnnv968xarjv9kxjcfwvdhk6tcgnx79f

nathanael 1mo ago

i don't think it is a good idea to reimplement everything on nostr and you're probably right, that there would probably be the need for an always on service. molly uses mollysocket for example. maybe a relay can be that always on service. i am not too deep into nostr dev to evaluate that

J.G.Montoya.Hodl 1mo ago

What are your main concerns with this approach? Is it about the phone battery draining faster?

nathanael 1mo ago

yes, i think one app having a websocket and dealing with push notifications seems better than every app having a websocket

ede3d957... 1mo ago

The answer is to stop developing for closed systems. Apple is a shitcoin company and it should be treated as such. By developing for iOS you become part of the problem distorting market signals.

This is peak cognitive dissonance in the Bitcoin maxi mindset. It's cringe. I don't find any other words for it. Sorry.

Max 1mo ago

Read this and you might reconsider.

Anonymity Loves Company: Usability and the Network Effect

https://www.freehaven.net/anonbib/cache/usability:weis2006.pdf

🇵🇸 whoever loves Digit 1mo ago

Yeah. If Apple wants to make it easy enough for a Linux / Android app to be ported by the Apple community without help from serious devs, they can start with either giving up their copyright claims or respecting open source copyrights in iOS itself.

🇵🇸 whoever loves Digit 1mo ago

But serious devs shouldn't help