cross-posted from: https://lemmy.crimedad.work/post/39255
Is self-hosted enough to avoid push notifications going through Apple and Google servers?
Would applications that don’t use GMS be compromised too? Example: everything from F-droid
I think unless they use netfy or a similar alternative then yes.
The vast majority of apps will be using GCM or FCM for notifications.
Now whether or not those push messages are encrypted/don’t contain private data is up to the app developer so how much is exposed can certainly vary.
I get it.
Indeed, it’s obvious now that even these apps would need to use Google’s APII stand corrected. Nope, apps from F-droid usually do not use GCM.I hadn’t heard of netfy before this, I’ll have to take a look. I’m assuming that’s an alternative FOSS framework for notifications? Can it be used as a drop-in replacement for most applications?
You’re right, for some reason I thought Firebase was allowed.
Yeah netfy is a FOSS notification service.
As to drop-in replacements, I don’t think such a thing really exists on the user side, this is fully up to the app developer in how they want to implement notifications.
To use netfy instead of FCM your app would need to be designed to do so or support it as an alternative option.