this post was submitted on 01 Jul 2025
762 points (97.5% liked)

Technology

72262 readers
2595 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
762
Trump Team Has Full Meltdown Over CNN Story on ICE-Tracking App (newrepublic.com)
submitted 1 day ago by chobeat@lemmy.ml to c/technology@lemmy.world
152 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] cupcakezealot@piefed.blahaj.zone 30 points 1 day ago* (last edited 5 hours ago) (3 children)

they mentioned that its because push notifications require device id and that would make it easy to be tracked if aubpoenaed.

https://bsky.app/profile/iceblock.app/post/3lmzykc7rb42d

edit: for the record i don't agree; i'm just saying what they said on bsky

[–] Ulrich@feddit.org 40 points 23 hours ago* (last edited 23 hours ago)

I'm not sure if this guy is just dumb or it's a honeypot.

  1. As mentioned elsewhere, they don't use device ID

  2. Android is the only platform that supports alternative push methods

  3. Apple knows everyone who downloads this app, which is subject to subpoena

  4. The gov has been collecting push notification data from both Apple and Google for a long time. It would be as simple as knowing when notifications went out and then comparing timestamps to figure out who is using the app.

  5. The app is closed-source

It would take significantly more mental energy on the part of the user but it would be far safer (which is extremely important in this specific case, as the dev agrees) to distribute through F-Droid and then use some other UnifiedPush implementation, as many Android apps already do. Anyone using this app is painting a huge target on their backs for the current authoritarian state.

[–] Reygle@lemmy.world 17 points 1 day ago

Interesting, especially with GrapheneOS people shooting it down immediately to call them out on their baloney.

[–] poopkins@lemmy.world 9 points 23 hours ago (1 children)

Push notifications though GMS don't use the device ID; they use a generated GCM registration ID that occasionally rotates. Who knows what Google uses internally to associate GCM reg IDs to users, but to overly state that it uses device IDs is simply not correct.

I'm not suggesting push notifications are inherently secure because it's impossible to make that determination from the outside. But their assessment is incorrect and the same privacy concerns apply to Apple.

[–] forrgott@lemmy.sdf.org 4 points 23 hours ago

I'm pretty certain push notifications have been shown to be grossly insecure actually...