[frizlab]

They do not. They send encrypted notifications. It’s the OS that stores them unencrypted. It’s the OS at fault here IMHO.

[llacane]

Signal does NOT send encrypted notification, they send a blank notification that act like a ping, the actual encrypted data is then fetched by the app itself.

[throawayonthe]

i think they're replying to the "recommendation" part -- if it was recommended, why isn't it the safe default?

i haven't actually seen signal or anyone adjacent recommend that previously though, idk where that claim came from

[shantara]

Sorry, the “recommended” was a bad wording on my part. The recommendation comes from the 404 Media article who did the expose on this incident, not Signal itself.

I’ve checked the Signal documentation page, and there’s no mention of the privacy implications of the setting: https://support.signal.org/hc/en-us/articles/360043273491-In...