[drdaeman]

There should be a public API, open to any user-designated program (including self-made, without requiring any special hoops to obtain any fancy entitlements), that can act as a "firewall" for all notifications (except, possibly, for few system-critical ones), allowing it to control and modify those as it seems fit.

[mzajc]

Applications can interact with notifications on the user's behalf via the accessibility permission - I do this with KDE Connect. I don't know what the limitations are.

[drdaeman]

On iOS?

Last time I've checked, kdeconnect-ios was unable to read any third-party notifications, not to mention doing anything to them or modifying their text or appearance in any way.

Project readme still says "Notification syncing doesn't work because iOS applications can't access notifications of other apps" (https://github.com/KDE/kdeconnect-ios?tab=readme-ov-file#kno...) so I think it's still a thing.

[mzajc]

On Android, I forgot to mention.

[socalgal2]

Sounds great! Until your grandpa downloads a notification filter than really just forwards all his notifications to the bad guys so they can hack all his accounts

[aembleton]

That can already happen because apps can get the permission to read your notifications.

[dreamcompiler]

Precisely this. There needs to be an API that all apps have to use not only for notifications but also for getting your contacts, your phone's location, etc. that is spoofable by the user. Or better yet, an AI program that runs entirely on the phone and does the spoofing automatically and entirely on behalf of the user.

Let the enshittified apps' ads interact with your AI agent and steal your fake "data" in the background without bothering the user.

Also important: It must be IMPOSSIBLE for any app to detect that its requests are being intercepted by your agent. (If they can tell, they'll refuse to work until you give them direct access.)

This is a real killer app for AI but you'll never get VC funding to build it.

[netsharc]

On Android such a spoof app existed, it can hook into seemingly any API call and return things you control: https://www.youtube.com/watch?v=_dt50HWys1k&t=27s

But of course you need a rooted phone, and rooted phones can't run banking apps, tap-to-pay, Netflix, Pokemon Go, blah blah..

The notification "firewall" is probably not impossible to make. I use Pushbullet, it mirrors notifications to my computer (to the browser extension to be exact), and I can already dismiss notifications coming into my phone from the computer. It should be possible to make an app that intercepts all notifications, analyzes their contents and dismiss them if they're spam...