|
|
|
|
|
|
by _slih
62 days ago
|
|
|
signal did everything right on their end. encrypted push, content only shown if the user opts in. the weak link is iOS caching decrypted notification content in an unencrypted sqlite database that survives app deletion. the 'e2e' in e2e encryption ends at the os, not the app. |
|
|