>In my country 95% of people don't mind Meta tracking their location with WhatsApp
Source? Seems unlikely given that both android and ios has location permissions and keeps track of whether it's used. Non-consensual (ie. you're not specifically using some location sharing feature or whatever) is very likely to be caught and cause a publicity shitstorm.
>Yet these jackholes can just snag it whenever because, ya know, profit. That is obviously insane. Our corporate culture has driven our society insane with normalized greed. The unholy alliance of tech and marketing is largely to blame.
Nothing in the article suggests the cause of this is "greed". The protocols are vulnerable and various shady companies have been set up to exploit it, but that has nothing to do with "greed", any more than the fact that there are shady hosters for spammers[1] are caused by "corporate culture has driven our society insane with normalized greed"
>I can get the same computing power out of a single Mac Mini 32 GB that I get from from an AWS virtual machine that costs hundreds of dollars per month.
This quickly breaks down when you're talking about large models that needs terabytes of memory to run[1]. There's no way that you're going to be able to amortize that for a single person.
Right, but what are you going to do with small models? If your time is worth anything at all you'd pay for the $100 claude code/codex pro subscription, rather than fumbling around with the models quantized enough to fit on your mac.
If you're building agentic processes (harnesses) for business processes local models are a great way to do that, while keeping your data, and any personal data, private.
If you're vibe coding a codex/claude subscription makes more sense as a more polished experience.
I don't vibe code, but I use self hosted models with codex for code review and snippet generation.
> Apple and Google have put themselves in the middle of most notifications, causing the contents to pass through their servers, which means that they are subject to all the standard warrantless wiretapping directly from governments, as well as third-party attacks on the infrastructure in place to support that monitoring.
>If you don't want end-to-end messages made available to others, set your notifications to only show that you have a message, not what it contains or who its from.
This incorrect on two counts:
1. As per what you wrote immediately before the quoted text, the issue was that the OS keeps track of notifications locally. Google/Apple's notification servers have nothing to do with this
2. It's entirely possible to still have end-to-end messaging even if you're forced to send notifications through Google/Apple's servers, by encrypting data in the notification, or not including message data at all. Indeed that's what signal does. Apple or Google's never sees your message in cleartext.
If Signal wants to show you a notification with message text, it needs to put it on the screen through an OS service. That service was storing the plaintext on the device.
Through an OS service yes, but not a hosted backend service. Obviously that service has store the notification in plaintext (although everything on an iPhone is encrypted at rest, but notification crypto keys have to stay in active memory for the lock screen to work), otherwise it wouldn’t be able to display the notification text.
Apple support applications sending encrypted notifications, where the OS launches the app the decrypt the notification body locally and pass it back to the OS for display.
I think the idea here is that the notification text was also being put somewhere else that was not really tied to the lifetime of it being shown on screen.
This thread is about Apple servers accessing the contents. Of course the OS has access to the contents of your messages, how else do you expect it to show a preview of the message? Do you want each notification to be a custom-rendered widget from the app?
If the contents are that sensitive you must disable the preview. Even then, the OS has access to the pixels in your app so it really is a moot point.
They have to. The device storage is itself encrypted, so the FBI already broke into the phone. When the device is unlocked, notifications are visible by design and therefore available in plain text to the user. The edge case is with disappearing messages, a feature Apple did not build for. The message is intended to be plainly visible to the user, but only for a controlled time on the assumption that the users privileges may eventually be compromised.
This makes for a very odd and specific interaction with a 3rd party feature. Security is a hard problem.
This wasn't a disappearing messages case, this was a case where they had uninstalled Signal entirely, including all their messages. But Apple was storing the received message text from the notification in its local database. I don't think it is edge case, in that if someone uninstalls their Whatsapp or Signal or whatever, or they delete a chat/message within that app, that it should be gone off your phone. The OS storing end to end encrypted message content in notification history for no reason (why store content in a database at all) makes message deletion work differently than most people would expect, so it doesn't feel like an edge case to me.
Signal (at least on iOS) has a setting called "Notification Content" which defaults (unsafely in the light of this bug) to "Name, content, and Actions", but allows you to select either "Name Only" or "No Name or Content".
I assume that "Name only" option results in the push notification only sending "Signal message from Bob", and the "No Name or Content" one only sending "You have a new Signal message" - instead of the whole "Signal message from Bob: Let's rob the bank tomorrow!"
If I could have it work the way I'd prefer, Signal would let me set those Notification Content on a per contact and per chat basis - so I could set my bank robbing crew and group chats to "No Name or Content" while leaving mom and the family group chat on "Name, content, and Actions".
(But realistically, if I _did_ have a bank robbing crew they'd all be on my burner phone, not the phone I do family group chat with.)
Side note: FaceID only unlocks if you actually look at the screen. If you’re careful to avoid that, one would have to physically force your eyes to do that without also covering other necessary areas of your face.
A kid and I sometimes engage in a game where they try to get me to look where necessary, so far without success.
This is correct, but my understanding of it is that the push notification (which is not the same thing as the actual "Notification" that is shown on the screen) basically contains a "hey $DEVICE, go talk to $APP_NOTO server they got something for you".
APNS just taps on the device's metaphorical shoulder and hands them a courtesy phone "call for you sir"
For a standard notification the content of that notification is sent through the push notification servers. This includes the title, text, icon, grouping, and sound presets to use. The majority of user-visible notifications are sent this way - the app on the device does not run.
That allows the OS to display your notification without ever running the app, which saves limited resources on the phone. Originally this was the only option, a push notification couldn’t start your app.
These days an app can also register a notification extension which is a standalone program that can modify the incoming notification. It has 30 seconds to do whatever it needs to, though you need to be careful with RAM use or the OS will kill the process and present the notification unaltered. Generally you’d put something generic in the push as a fallback.
There’s also background notifications. These let the app run for 30 seconds and the app can post a local notification during this time, but they’re not guaranteed to be delivered. The OS can decide the system doesn’t have the resources and defer or drop them, or terminate the app before it’s finished if the ram is needed elsewhere.
There are some other special cases depending on what your app does.
Work uses Webex. I had work webex installed on my phone. My password changed on my account in the office, if i try to open Webex on my phone I would be prompted to re-authenticate which I would never do because it required 2FA and the token generator is on my laptop which I generally wouldn't have with me when using my phone.
However, despite not being able to open the app as my account, I was still getting full messages in the push notification for anyone who had messaged me recently while the app was functioning. Anyone new would pop up as 'Message From X'.
Apps (such as Signal) that care about end-to-end encryption do their own key management. So, Apple / Google servers only ever see ciphertext, and don't have access to the key material that's used for the encryption.
Afaik, e2e messengers don't include ciphertext with push notifications. It's an empty push to wake the client. Then the client contacts the origin to fetch the ciphertext.
A Signal developer 12 days ago said Our FCM and APN notifications are empty and just tell the app to wake up, fetch encrypted messages, decrypt them, and then generate the notification ourselves locally.[1]
You don’t need a rooted phone. An open source OS with reproducible builds is enough. That way you can validate what the code does without giving up verified boot, or opening up another attack vector, etc.
1. I need to be able to change SSL root cert, disable SSL cert pinning, and intentionally MITM installed apps and see what they are sending about me to their servers. Open source OS isn't enough if the apps aren't open source.
2. "Apps sending information about me to their motherships that I don't consent to them sending" is a MUCH bigger problem these days than people messing with SSL, so I accept the risks of (1)
3. Verified boot is big brother's dream. I want to be able to verify my own OS.
Those notifications are transfered peer to peer (from your Phone to your computer) using Apple Wireless Direct Link. The contents are encrypted using AES-GCM.
talking totally out of my ass, but apple seems to have robust infrastructure for e2ee communication between your devices, for example it is known that location information in find my is not visible to apple. I’d be surprised if the channel to send iphone notifications to your mac wasn’t also e2ee
Unless something has changed since I last did this, the app's server initiating the apns doesn't encrypt using some public key for the destination. So no e2ee at that layer. But you could encrypt the payload and have the app decrypt it if you're managing the keys yourself.
Everything from dog fighting rings to child trafficking has dedicated non-profit organizations with paid or volunteer staff doing investigative work. They collect OSINT, do surveillance, and yes, pay informants. As long as you don't break the law in the process (like doing surveillance from private property), you can build evidence to turn over to law enforcement to help open a case.
Something important to note here is informants aren't always in the organization or participating in the activity. It could be a truck stop attendant who texts you when the same guy stops in to buy a case of water and then slips it under the roll up door on his cargo van, or a dishwasher at a cafe who noticed a group of guys with the same tattoo. Things that on their own don't rise to the level of someone calling the police. Payments help people who otherwise would keep their mouth shut because they are in financial situations where they can't afford to lose their job.
Why? It's not obvious why only cops can pay money for informants. You might say that they're paying criminals, but that's not clear either. The US has quite liberal free speech laws. You can say a lot of objectionable things without violating any laws.
I didn’t say they were paying criminals. I said they were paying KKK and Nazis. I made an analogy to firemen and arsonists to make the point that they were fraudulently creating demand for their services, not to suggest that who they were paying were criminals. It’s not illegal on the face to be in the KKK or to be a Nazi, though certainly member of those groups have committed crimes in the past. The SPLC was engaging in fraud (allegedly) by both supporting hate groups while raising money from their donors to counter hate groups. And they were setting up fraudulent bank accounts to hide the money flows.
This is not creating widgets or lines of code, not creating a product for consumption, this is fostering the development of inquisitive minds, hopefully encouraging them to become critical thinkers and ultimately the next generation of leaders who will push the bounds of human knowledge further than ever before.
Why would better tools be expected to do enable teachers to do that for more students at a time?
There is a lot of research out there showing worse educational outcomes as class sizes increase. This is one of the areas where wealth disparities in education manifest; rich areas tend to have smaller class sizes, and historically the very rich would pay for private tutors for their kids, whereas poor kids are stuck with bigger class sizes, less individual attention from educators, and typically average worse educational outcomes.
>This is not creating widgets or lines of code, not creating a product for consumption, this is fostering the development of inquisitive minds, hopefully encouraging them to become critical thinkers and ultimately the next generation of leaders who will push the bounds of human knowledge further than ever before.
There's plenty of drudge work teachers do that's not "fostering the development of inquisitive minds". Grading papers, preparing lesson plans, etc. I don't see why not at least some of that can be offloaded to AI.
> Why would better tools be expected to do enable teachers to do that for more students at a time?
Khan Academy showed that one great teacher distributed to millions does that pretty well. It doesn't make sense for every teacher in the country (the worst and the best) to create their own syllabus and teach the same thing over and over again.
Sure, let's have 100 child classes which are hell on earth for everybody involved, starting with the little kids who will literally be scarred for life from it.
Teacher costs should be going up as much as we can afford, to keep reducing class sizes as a fundamental part of quality education.
I agree that admin is ripe for efficiency gains. A local school district cut dozens of teaching roles, not even one person from their extremely bloated central administration. It's also out of touch with the schools with no campus visits, and serves mainly as a hindrance to any sort of actual work going on inside the individual schools. It's a horrible caricature of bureaucracy.
> Only if you assume if per-teacher productivity can't increase.
It can't.
The only axis upon which teacher "productivity" could increase is by increasing the size of their classes.
Every study and every practical example of doing that ever done shows that it negatively impacts student outcomes.
Not because the teacher is failing to be whatever it is you imagine "more productive" to be but because there is a minimum amount of attention needed per student for them to not fall through the cracks and one person's attention is not scalable.
> only axis upon which teacher "productivity" could increase is by increasing the size of their classes
And hours in class. Or productivity of time in class. I'm not saying the former is desirable or latter feasible. But the education "production function" has three inputs.
Oh, it definitely can, in a way very similar to the way you can dramatically increase doctor's success rates by being selective about who you treat.
Specifically: take the most disruptive students and eat them. (Be stealthy about it, the point is not fear of punishment.) The productivity difference between a classroom that spends 90% of its time on instruction vs 90% of its time on classroom management is massive.
That's why you have to be careful about applying business notions like "productivity" to governmental duties like education and mail and highways. (I dearly wanted to include healthcare or at least hospitals in the list, but I live in the US.) Businesses can and should be selective and take higher risks. For governmental tasks, productivity isn't even well-defined. If you're failing (or eating) 20% of your students but the other 80% are doing amazingly well, is that better or worse than 99% of everyone doing just okay? How about if everyone's test scores go up and practical ability goes to shit? (This is not a hypothetical, not where the kids have figured out how to use ChatGPT even for the tests. Which is a lot of places.)
Teaching is nowhere near Pareto optimal right now, so I'm not arguing in favor of the status quo. I'm just saying you have to be very, very careful when pushing for "productivity".
You could increase per teacher productivity by running 12 months of school per year, but you would increase costs; and in some parts of California, you would need to rebuild schools with air conditioning to hold classes effectively in the summer.
Covid showed distance learning doesn't work for most kids. So you can't eliminate real estate costs or hire educators in low cost areas. Computerized education doesn't seem to work, either.
>You could increase per teacher productivity by running 12 months of school per year
Productivity is output divided by some input, either labor or money. Working for longer isn't going to magically increase productivity.
>Covid showed distance learning doesn't work for most kids. So you can't eliminate real estate costs or hire educators in low cost areas. Computerized education doesn't seem to work, either.
Right, I don't have a specific solution for increasing teacher productivity, but it's not obvious that it's a law of economics that it can't increase. People thought lawyers and doctors couldn't be automated away, then came chatgpt.
> People thought lawyers and doctors couldn't be automated away, then came chatgpt.
Form contracts and will generators and what not was automation for lawyers. Plenty of enter symptoms to get a diagnosis stuff out there for doctors; or the more paletable, enter symptoms for charting, get a suggestion and enter medicines and get alerts about interactions.
>You should check out "model collapse". It seems that an abundance of content, that is more and more AI generated these days, may not be a viable option.
Doom-saying about "model collapse" is kind of funny when OpenAI and Anthropic are mad at Chinese model makers for "distilling" their models, ie. using their outputs to train their own models.
>As an example, in Jan 2026, Apple published iOS 12.5.8 which provides updates for iPhone 5s which released in Sept 2013. That's 12.5 years ago. The equivalent would be to connect to the internet using ADSL in Jan 2000 with your IBM PS/2 rocking in intel 8086, 512 kb of RAM and expecting an update for your DOS operating system.
The updates for ios 12 are all security updates, not feature updates, so your comparison to "connect to the internet using ADSL in Jan 2000 with your IBM PS/2 rocking in intel 8086" doesn't really make sense. The phones stuck on ios 15 are basically unusable because many apps don't support it anymore. At best you can download an older version from a few years ago, but that depends on whether the backend servers were updated. Apps that insist you use the latest version (eg. banking/finance apps) basically unusable.
Believe it or not, "apps" are an important "feature" of a smartphone, even if it's not theoretically bundled with it. Moreover it's not just banking apps, those are just the first ones to go, but any that don't keep backend compatibility will eventually break.
The entire point of the cellphone is that third party apps are required to live a modern life. If I cannot run the apps required to pay for a parking spot or perform a 2FA ritual then there’s really no point in even having a phone. The first party software isn’t compelling enough to justify the pocket space.
You could always keep your phone and get a second dirt-cheap phone just for the 2FA (or use your banks' non-phone 2FA methods). But if we take your requirement that one phone should be able to do everything that new phones can do, it's somewhat tautological that you have to replace your phone frequently to stay on the cutting edge.
Source? Seems unlikely given that both android and ios has location permissions and keeps track of whether it's used. Non-consensual (ie. you're not specifically using some location sharing feature or whatever) is very likely to be caught and cause a publicity shitstorm.
reply