this post was submitted on 07 Jun 2026
79 points (100.0% liked)

DeGoogle Yourself

17284 readers
285 users here now

A community for those that would like to get away from Google.

Here you may post anything related to DeGoogling, why we should do it or good software alternatives!

Rules

  1. Be respectful even in disagreement

  2. No advertising unless it is very relevent and justified. Do not do this excessively.

  3. No low value posts / memes. We or you need to learn, or discuss something.

Related communities

!privacyguides@lemmy.one !privacy@lemmy.ml !privatelife@lemmy.ml !linuxphones@lemmy.ml !fossdroid@social.fossware.space !fdroid@lemmy.ml

founded 6 years ago
MODERATORS
 

I just started my de-googling journey recently, and so the mechanics of notifications were still unclear to me, and I found this video super helpful.

It explains how most mobile messaging apps (including privacy-focused ones like Signal) rely on Google and Apple's centralized servers to deliver push notifications, which exposes vast amounts of user metadata.

Here's the YT link, for people who prefer it: https://youtu.be/c3ennD3wKn0

all 14 comments
sorted by: hot top controversial new old
[–] csolisr@hub.azkware.net 26 points 1 month ago (1 children)

This is the reason why I went out of my way to use Molly (a fork of Signal), since it supports delivering the push notifications through a self-hosted server instead. Unfortunately the process is complex: it requires both a method to deliver the notifications to your phone via UnifiedPush (an alternative to Google's push system that generally suffices on its own) and a compatibility service called MollySocket (that bridges Signal's notifications with the UnifiedPush provider). Both typically need a self-hosted server and specific configuration to talk to each other though. And I don't even have any contacts that use Signal anymore, so, well...!

[–] Redjard@reddthat.com 4 points 1 month ago (1 children)

You can use push providers if you trust them. For example mozilla hosts one.

The MollySocket service also does not need and does not have decryption keys, only keys to request encrypted messages from signal servers. Still not something I would want to run on someone elses server without serious privacy considerations.

[–] csolisr@hub.azkware.net 8 points 1 month ago (1 children)

Yup, that's why I use my own server to host both MollySocket and UnifiedPush (via NTFY).

[–] skyline2@lemmy.dbzer0.com 2 points 1 month ago (1 children)

NTFY can provide UnifiedPush? I didn't know that!

[–] csolisr@hub.azkware.net 2 points 1 month ago (1 children)

Yes, you only need to ensure your instance of ntfy allows public access to all items with the up prefix in the settings.

[–] csolisr@hub.azkware.net 1 points 1 month ago

Oh and then set your mobile app to enable UP in the settings of course!

[–] non_burglar@lemmy.world 15 points 1 month ago (1 children)

That is correct.

However, this is a quasi-monopoly by google having quietly overwhelmed the space. Same thing for RCS messaging.

Neither push notifications nor RCS are proprietary, so there is a possibility to tear oneself from google here.

For instance, there are several free and paid push notifications services. Pushbullet is a popular paid one, not too expensive. I personally use https://ntfy.sh/, which can be self-hosted.

RCS is different because trusting the encryption keys makes RCS work, so there would have to be a critical mass of buy-in to use an alternative to google's RCS implementation.

[–] voxel@feddit.uk 1 points 1 month ago (1 children)

RCS is off-topic.

Regarding Push, there is UnifiedPush which has already seen a wide adoption, e.g. Matrix. That's also the one used by Nfty. It's free and opensource and can be used by anyone.

[–] non_burglar@lemmy.world 6 points 1 month ago* (last edited 1 month ago) (1 children)

RCS is off-topic.

Disagree, it serves to illustrate the same kind of monopoly google has on push notifications.

UnifiedPush is not a push service, it is a distributor. It is a proxy for push services, it does not send out its own notifications.

Also, ntfy does not need to use unified push, it simply makes put or post notifications, like it does in the self-hosted version. The public instance of ntfy does use unified push, yes. For instance, I do not want my http push notifications flying around in plain text with notifications about my private services being up or down, so I don't use one. I arrange the connectivity to my applications myself.

Here again, google has done us all a disservice by obscuring the difference.

[–] Aporia@lemmy.ml 8 points 1 month ago* (last edited 1 month ago) (1 children)

From what I recall, Google would be able to see our device received a notification and when but not the actual message nor sender/recipient identity.

I think that's fine for my threat model.

Molly seems like a potential alternative though since its a signal fork and supports UnifiedPush so you can choose a different notification supplier like ntfy or sunup

[–] Squizzy@lemmy.world 2 points 1 month ago

They see cintents if the contents is displayed in the notification

[–] Gulliver@lemmy.zip 2 points 1 month ago

you can choose websocket on signal instead of Google unified push