It’s not about the store, it’s about the notification.
As mentioned in the Time article:
the app is not available on Android because it “requires a device ID in order to send push notifications, which requires a user account and a password.”
How do you suppose APNS knows which device to deliver the notification to?
Something that… links it to the device? Like, a unique ID that Apple can identify?
It sounds like he thinks HE has to store this information, which is simply incorrect. It will obviously be stored by Google in Firebase, and by Apple wherever that gets stored, but HE does not have to store it.
I write apps for a living. I have users subscribe and unsubscribe to channels, and at no point is there a user account with password involved in either iOS or Android. If you want the memory of which channels they have subscribed to to persist across uninstall/reinstalls or different devices, then yes, but for an app like this you don’t need to persist those settings.
At any point the government could subpoena who’s received pushes (or at least, who’s registered to) from both Google and Apple.
I’m not the developer, but I do also write app backends for a living so I know there is some nuance that you’re skipping over in your response. But if you have a way to do this completely anonymous on android I’d suggest offering help to the developer who made this.
Something that… links it to the device? Like, a unique ID that Apple can identify?
APNS tokens are linked to the app install and renew on a certain timeline. Already making them not exactly the same as a device identifier.
i don’t think this other commenter was calling you out. i think they were just bringing up a point of discussion that’s relevant to the point you brought up
It has to do with receiving notifications from the app in a privacy-preserving way. Unless the app is running with a server connection 24/7 (RIP battery life) you need to rely on the OS to deliver notifications.
You don’t, there’s privacy respecting ways of delivering notifications in android.
Also, a 24/7 connection to a server isn’t nearly as bad as you might think.
The connection isn’t active the whole time, it only uses any significant amount of battery if there’s actually data being sent or received. You likely already have quite a few of them anyway, how do you think systems normally listen for push notifications?
Besides all that, I read in other comments that the privacy issue was the device id firebase needs. Obviously apple also needs some kind of device id, otherwise how do they know where the notifications are going?
Did some searching, yup apple also needs a unique identifier:
When it’s time to send a notification, you generate a request that contains the notification data and a unique identifier for the user’s device.
It’s really hard for me to understand how iOS is better in this sense. The only way to get this app is via the app store and the ONLY way to use the app store is be registering yourself with apple. Seems to me that you are tracked either way.
IMHO the devs probably wrote this in Swift and just don’t have experience working with android. Whole thing/story is just off IMO.
I’m really just sceptical about the whole thing being closed source really.
https://www.iceblock.app/
Is this only on Apple? Kind of lame.
Quote from some other place people were discussing it. Unfortunately no source on it.
EDIT: https://www.iceblock.app/android
There are other stores besides the playstore…
It’s not about the store, it’s about the notification.
As mentioned in the Time article:
Ntfy.sh
There are ways around that
You don’t need a user account or password to receive a push notification.
You just need to have the app installed. The app can be configured by the developer to receive push notifications.
And the developer needs a device ID for that. Which is their objection: https://www.iceblock.app/android
How do you suppose APNS knows which device to deliver the notification to?
Something that… links it to the device? Like, a unique ID that Apple can identify?
It sounds like he thinks HE has to store this information, which is simply incorrect. It will obviously be stored by Google in Firebase, and by Apple wherever that gets stored, but HE does not have to store it.
I write apps for a living. I have users subscribe and unsubscribe to channels, and at no point is there a user account with password involved in either iOS or Android. If you want the memory of which channels they have subscribed to to persist across uninstall/reinstalls or different devices, then yes, but for an app like this you don’t need to persist those settings.
At any point the government could subpoena who’s received pushes (or at least, who’s registered to) from both Google and Apple.
I’m not the developer, but I do also write app backends for a living so I know there is some nuance that you’re skipping over in your response. But if you have a way to do this completely anonymous on android I’d suggest offering help to the developer who made this.
APNS tokens are linked to the app install and renew on a certain timeline. Already making them not exactly the same as a device identifier.
Its totally possible to send notification without having user account, see firebase.
Good old firebase. Notifications are not entirely device local on android, or something like that.
Thanks, but I’m not the developer of the app so that’s not really relevant for me.
i don’t think this other commenter was calling you out. i think they were just bringing up a point of discussion that’s relevant to the point you brought up
There is side loading, they can just release it on GitHub.
That’s not how push notifications on android work.
That doesn’t have anything to do with how you install the app.
It has to do with receiving notifications from the app in a privacy-preserving way. Unless the app is running with a server connection 24/7 (RIP battery life) you need to rely on the OS to deliver notifications.
You don’t, there’s privacy respecting ways of delivering notifications in android.
Also, a 24/7 connection to a server isn’t nearly as bad as you might think.
The connection isn’t active the whole time, it only uses any significant amount of battery if there’s actually data being sent or received. You likely already have quite a few of them anyway, how do you think systems normally listen for push notifications?
Besides all that, I read in other comments that the privacy issue was the device id firebase needs. Obviously apple also needs some kind of device id, otherwise how do they know where the notifications are going?
Did some searching, yup apple also needs a unique identifier:
From https://developer.apple.com/documentation/usernotifications/setting-up-a-remote-notification-server
Apple notification identifiers are unique to an app install and regularly change though, so it’s hardly a device identifier.
It’s 1000% possible to use android apps without involving Google in any way.
Edited for further clarification. It’s not about Google, it’s about what Android needs to receive notifications: https://www.iceblock.app/android
It’s really hard for me to understand how iOS is better in this sense. The only way to get this app is via the app store and the ONLY way to use the app store is be registering yourself with apple. Seems to me that you are tracked either way.
IMHO the devs probably wrote this in Swift and just don’t have experience working with android. Whole thing/story is just off IMO.
I’m really just sceptical about the whole thing being closed source really.
fdroid?
It is only for iOS. I haven’t found a similar app for Android.
It’s important to buy devices that respect your privacy.