Push Notifications

Hardware Librem 5
1

I’ve been searching and haven’t been able to find any discussion about how push notifications might work on the Librem 5. To me that’s one of its most distinguishing features. Question 1: Has there been some discussion I’ve missed? I would enjoy reading any links.

In the absence of any other information I’m assuming that the phone is basically like a Linux desktop. Unlike iOS and MacOS (APNS), Android, Windows (WNS), or Firefox (Mozilla Push Service) it presumably will not maintain a TCP connection to a device-specific vendor, which would make itself the arbiter of any realtime information from the Internet to the phone.

And holy cow is that awesome! IRC can run indefinitely. XMPP works as designed. Get your Matrix notifications via WebSocket. But at the same time there are reasons why the market has gone the way it has. Every application having its own TCP connection uses more energy/data than one TCP connection. Every application polling on the regular is kind of naff and uses even more energy/data. App developers are going to have to be very careful that they don’t ruin their users’ batteries. (Sad to say, IRC is going to do that if you hang out in busy channels. It just doesn’t have the protocol features that mobile users need.) Most likely, FOSS developers will be more motivated to respect their users’ devices than to “ship it”. But don’t make assumptions.

Thoughts, anybody?

2

I look forward to hearing what more informed people know about how push notifications will work, but I have a couple thoughts to contribute to this discussion:

  • I’d take the privacy/security trade-off of per-app connections (versus single tunnel to a vendor) any day.
  • The cost of data has lowered while bandwidth has increased year over year since forever, so I’m of the opinion that a little overhead for the price of better separation/security is worth it.
  • I wonder if the FOSS dev community will face a paradigm dilemma in the near future, whereby app design is influenced by battery saving than anything else, for the reasons you specified. Maybe batching will become more popular?

You bring up an interesting point.

3

About privacy, if you look at how web push notifications are implemented, it’s quite good for privacy since the push server only sees and opaque encrypted blob: the device has the per-subscription private key and the app server sending the notification the public key to encrypt. It’s true that the push server knows where you are getting notifications from though.

4

That, and by principle you’re putting all your eggs in one basket. Even if you trust Apple or Google, that’s not a great plan; you can’t trust a company to not get breached.