#push-notifications — Public Fediverse posts

🕵️‍♂️ Ah, the OVMS! Because what’s more thrilling than staring at your phone, obsessing over your car's tire pressure while pretending you're saving the world? 🔋🤳 Fear not, they'll send you a PUSH alert when your car decides it's had enough of being your glorified Tamagotchi. 🚗💨
https://www.openvehicles.com/home #OVMS #TirePressure #CarTech #PushNotifications #GadgetObsessed #Automotive #HackerNews #ngated

Do you use #Tuta as email provider?

Are you simply interested in more apps and services supporting #UnifiedPush?

Let's make some noise on Github!

https://github.com/tutao/tutanota/discussions/10816

@unifiedpush @Tutanota

#LibreSoftware #FOSS #FLOSS #Android #PushNotifications

FYI: YouTube stops push notifications for inactive subscribers in new rollout: YouTube stopped sending push notifications to inactive subscribers who ignore alerts, based on experiment results showing fewer viewers disabled notifications. https://ppc.land/youtube-stops-push-notifications-for-inactive-subscribers-in-new-rollout/ #YouTube #PushNotifications #SocialMedia #DigitalMarketing #SubscriberEngagement

ICYMI: YouTube stops push notifications for inactive subscribers in new rollout: YouTube stopped sending push notifications to inactive subscribers who ignore alerts, based on experiment results showing fewer viewers disabled notifications. https://ppc.land/youtube-stops-push-notifications-for-inactive-subscribers-in-new-rollout/ #YouTube #PushNotifications #SocialMedia #DigitalMarketing #ContentCreators

YouTube stops push notifications for inactive subscribers in new rollout: YouTube stopped sending push notifications to inactive subscribers who ignore alerts, based on experiment results showing fewer viewers disabled notifications. https://ppc.land/youtube-stops-push-notifications-for-inactive-subscribers-in-new-rollout/ #YouTube #PushNotifications #InactiveSubscribers #SocialMedia #DigitalMarketing

FYI: YouTube ends push notifications for inactive subscribers in new rollout: YouTube is stopping push notifications for inactive 'All' subscribers, based on experiment results showing fewer viewers turned off notifications entirely. https://ppc.land/youtube-ends-push-notifications-for-inactive-subscribers-in-new-rollout/ #YouTube #PushNotifications #Subscribers #SocialMedia #DigitalMarketing

iOS 26.4.2 fixes an issue where deleted push notifications could remain in a local database, exposing data accessed via law-enforcement tools 🔐
Apple adds improved redaction; EFF flags risk in local/cloud notification handling; Signal welcomes patch, urges limiting notification content 🔐

🔗 https://www.engadget.com/cybersecurity/apple-rolls-out-ios-2642-to-fix-a-flaw-that-allowed-the-fbi-to-access-push-notifications-201153603.html

#TechNews #Apple #iOS #iPhone #Privacy #Security #FBI #Signal #EFF #PushNotifications #Encryption #Surveillance #DataProtection #MobileSecurity #CyberSecurity #Mobile #Smartphone

loops community about to eat 🔥

#UsernameChanges #DirectMessages #PushNotifications #StarterKits #CuratedOnboarding #Loops

How #PushNotifications Can Betray Your #Privacy (and What to Do About It) https://www.eff.org/deeplinks/2026/04/how-push-notifications-can-betray-your-privacy-and-what-do-about-it

Get notified when your Loops video is finished processing and is published!

Available soon!

#Loops #PushNotifications

Loops + Push Notifications are almost here!

Stay tuned, we'll be shipping a new TestFlight release with push notification support later this week ✨

https://github.com/joinloops/loops-server/commit/4f292b301ce39e3d0852aabebaff93fa6a391892

#Loops #PushNotifications

Wochenrückblick, Ausgabe 137 (2026-15)

Themen:

📱 Wieder eine App weniger, die mir Push-Nachrichten schicken darf

🌤️ Es ist noch nicht warm genug, aber wenigstens blüht es überall

🗺️ Bikerouter I: Wieder mal ein neuer Server

🗺️ Bikerouter II: Nächstes praktisches Feature steht in den Startlöchern

🔪 Upgrade für den Nassschleifer: Diamantscheibe

🔊 In dieser Woche gehört: Eric Prydz, Adam Beyer, The Digital Blonde, Taberia

#Wochenrückblick #Deutschlandfunk #Apple #iOS #PushNotifications #Frühling #Bikerouter #Nassschleifer #Techno

https://www.marcusjaschen.de/blog/2026/2026-15/

Loops + Push Notifications ⚡️

Available soon!

#Loops #PushNotifications

The next Loops web/app release will contain:

- Comment media (image/gifv)
- Curated Onboarding
- Direct Messages
- Push Notifications
- Starter Kits

You will be able to share videos to your most recent DM conversations easily, with multi-participant support (aka groupchats)

One more thing, Kickstarter backers and early loops.video users will be invited to the Sup early alpha after this release!

#Loops #DirectMessages #PushNotifications #StarterKits #CuratedOnboarding

@visuallyperfect MAX как кейс: типичные баги, архитектурные провалы и почему это закономерно

Если отбросить маркетинг и смотреть на MAX как на инженерный продукт, то картина довольно прозрачная: перед нами типичный “быстро собранный мессенджер”, который пытаются масштабировать раньше, чем он стал устойчивым.

Разберём по слоям.

---

1. Доставка сообщений: не гарантия, а вероятность

Симптоматика знакома: — сообщения приходят пачками
— дублируются
— часть переписки просто исчезает

Это классический признак плохо настроенной eventual consistency. Судя по поведению, backend не обеспечивает строгую гарантию доставки (at-least-once / exactly-once), а плавает где-то между retry-логикой и race conditions.

Что это значит на практике: — повторная отправка → дубликаты
— сбой на клиенте → рассинхрон
— reconnect → “догоняющие” сообщения

Если система не умеет детерминированно разрешать конфликты — это не баг, это следствие архитектуры.

---

2. Push-уведомления: рассинхрон между слоями

Типичный кейс: — пуш пришёл → сообщения нет
— сообщение есть → пуша нет
— всё приходит через 10–15 минут

Основной подозреваемый — интеграция с Firebase Cloud Messaging.

Но проблема глубже: — нет единого источника истины (source of truth)
— пуш и сообщение живут в разных транзакционных контекстах
— отсутствует нормальная idempotency

В нормальной системе push — это просто триггер, а не отдельная сущность с собственной логикой.

---

3. Клиент: UI как узкое место

Фризы, дерганый скролл, зависания — это не “мелкие баги”, это сигнал:

— список сообщений плохо виртуализирован
— перерасчёт layout идёт на основном потоке
— есть memory leaks

Типичный стек-проблем: — RecyclerView захлёбывается на больших чатах
— битмапы не освобождаются
— кеширование сделано “на глаз”

В результате: UI начинает быть bottleneck быстрее, чем сеть.

---

4. Медиа: слабое место всех “быстрых” мессенджеров

Симптомы: — фото не уходят
— видео ломается
— загрузка зависает

Это почти всегда: — нестабильный upload (chunking / retry)
— проблемы на CDN
— отсутствие контроля целостности

Если нет нормального pipeline: encode → upload → verify → deliver
— медиа будет ломаться системно.

---

5. Сессии и авторизация

Самый раздражающий класс багов: — выкидывает из аккаунта
— слетает история
— “переавторизуйтесь”

Это почти гарантированно: — проблемы с токенами
— гонки при обновлении сессии
— рассинхрон между клиентом и сервером

Если auth не атомарен — вся система начинает вести себя хаотично.

---

6. Краши и память

Если приложение: — падает при отправке файлов
— жрёт RAM
— умирает в фоне

значит: — lifecycle не контролируется
— ресурсы не освобождаются
— тестирование на edge-кейсах отсутствует

Это не “надо допилить” — это долг на уровне архитектуры клиента.

---

7. Безопасность: отсутствие ясной модели

Ключевой вопрос — не “есть ли шифрование”, а: кто контролирует ключи и где происходит дешифровка?

Если нет прозрачной end-to-end модели, как у Signal, то: — сервер потенциально видит всё
— безопасность декларативная

Даже Telegram с его спорной моделью MTProto выглядит более зрелым решением на фоне MAX.

---

8. Масштабирование: система не держит нагрузку

Периодические “падения” — это не случайность.

Это означает: — нет горизонтального масштабирования
— нет нормального load balancing
— система не тестировалась под реальную нагрузку

Типичная ошибка: сначала релиз → потом попытка масштабировать → потом firefighting.

---

Итог

MAX — не “глючный мессенджер”.

MAX — это: — backend без строгих гарантий
— клиент без оптимизации
— инфраструктура без запаса прочности

Все наблюдаемые баги — не случайные. Они логично следуют из архитектурных решений.

---

Почему это важно

Такие системы создают ложное ощущение стабильности: пока нагрузка низкая — “вроде работает”.

Но при росте: — баги становятся нормой
— доверие падает
— продукт превращается в технический долг

---

Коротко

Если описать одной строкой:

MAX сейчас — это не продукт уровня production-grade мессенджера, а MVP, который по ошибке выпустили в массовое использование.

---

Если нужно, могу разобрать: — как бы выглядела нормальная архитектура такого мессенджера
— или сравнить MAX с WhatsApp / Signal / Telegram на уровне протоколов и backend-дизайна

#MAX
#Мессенджеры
#Инженерия
#SoftwareEngineering
#Backend
#DistributedSystems
#EventualConsistency
#MessageQueues
#PushNotifications
#FCM
#AndroidDev
#MobileDev
#UX
#Performance
#MemoryLeaks
#Scalability
#Reliability
#HighLoad
#DevOps
#Microservices
#CDN
#Security
#EndToEndEncryption
#Signal
#Telegram
#ITАнализ

Lifehacker: How to Manage Your Increasingly Desperate App Notifications. “According to a 2025 analysis from the Reuters Institute for the Study of Journalism, news publishers have increasingly relied on push notifications to reach their audiences, as a way to avoid relying too much on platforms like Google or social media apps. However, this bid for direct attention comes at a cost—and in the […]

Loops Admins: Enabling Push Notification support is as easy as toggling a switch.

Unlike Pixelfed, we don't require you to request an API key.

Instead, I engineered a clever automated attestation authorization system using a combination of HTTP Signatures and API keys for optimal performance.

In the next release, you will be able to pick either a Canada or Europe based push relay server. ✨

I don't think any other fediverse app supports that. 💅

#Loops #PushNotifications

How do I install notifications on my GoToSocial server?

#GoToSocial #fediverse #mastodon #pushnotifications #selfhost #server #tech #tutorial #vapid #notifications #decentralized #openweb #privacy #setup #admin #fedi #gotosocialtips #selfhosting #config #realTime #community #indie #web3

Oh joy, yet another app promising to rescue us from the tyranny of push notifications 🚨🙄. Apparently, blocking your mom's texts is now "advanced firewall" technology—because ignoring your phone was just too simple. But hey, at least it’s all offline, so no one's tracking your precious spam! 🕵️‍♂️🔒
https://donotnotify.com/ #pushnotifications #apptechnology #privacyonlineoffline #humor #HackerNews #ngated

Mirage News: Email Alerts Spur Database Use for Safer Prescribing . “A new randomized clinical trial finds that simple reminder emails substantially increase clinicians’ use of a database that supports safe prescribing of opioids and other drugs, even though opioid prescribing patterns themselves did not meaningfully change during the study period.”

Mashable: Gambling online? Try turning off push notifications.. “While push notifications may be standard business practice these days, experts say they encourage people to spend more time and money gambling than they otherwise would, similar to other aspects of gambling app design.”

https://rbfirehose.com/2025/11/11/mashable-gambling-online-try-turning-off-push-notifications/

How you actually should respond to that “183 million credentials leak”

There’s a new Forbes article floating around about the trove of 183 million credentials that were recently leaked to Have I Been Pwned. The articles makes a big deal about the fact that there were “Gmail passwords confirmed” in the leak. Let’s break down why it’s a bad article and what you should have been told instead.

The article makes a big deal of the fact that “Gmail passwords” were included in the leak without saying a single word about the fact that your Gmail password is also your Google password. Google Photos, Google Docs, Google Drive, any site you’ve used “log in with Google” on… all these are compromised if your “Gmail password” is. It’s kind of laughable that this article goes to some effort to fearmonger about compromised “Gmail passwords” when the problem it’s trying to scare people about is actually worse than it says it is.

While the article understates the damage from the leak in that way, it overstates it in another. This article, and others that have reported about this leak, fails to provide the important context that if you practice decent device hygiene and your devices have not been compromised by infostealers, then none of your account passwords are in this leak. Furthermore, because we all have many accounts and infostealers vacuum up credentials from all of them, my guess is that you would have to divide that number by at least 3 or 4 to arrive at a reasonable estimate of the number of impacted people, which is far more relevant than the number of impacted accounts. Given that there are billions of people in the world who log into websites, and we’re talking maybe 20 million people affected by this leak, it’s actually pretty unlikely that you are.

Once the article is finished both understanding and overstating the problem it’s reporting on, it gets around to telling you what it thinks you should do about it, and it gets that wrong too.

• When discussing how your password manager can help protect you against compromised passwords, it focuses entirely on the Chrome password manager; there isn’t a single word about how other password managers offer similar features and protections. Maybe the author should have done some real research and reporting here rather than just paraphrasing the press release Google sent him.
• It focuses on people enabling 2-step verification on their Google accounts—again, just quoting from Google—rather than making it clear that they should be using strong two-factor authentication or passkeys for all of their accounts, wherever it is offered.
• It makes a brief nod to the fact that you should not be reusing passwords on multiple websites without making explicit that the best way to do that is to use a password manager, which everyone should be doing; “if you are a user of the Chrome password manager” is not the same as “you should be using a password manager!”
• It doesn’t say a single word about the fact that if your data is in this leak, then one of your devices was compromised, and you need to clean your devices and practice better device security practices in the future. Yes, how to do all this is beyond the scope of an article like this, but the article should at least mention it and linked to some outside sources for more information.
• While it does hint (under the misleading heading “What We Know About The 183 Million Passwords Data Leak”) that everyone should register with Have I Been Pwned to get notified automatically about breaches or leaks that impact them (well, aside from the ones HIBP is legally prohibited from warning you about), it is far less explicit about this than it should be.

Here’s the TLDR

• This isn’t just a Gmail problem.
• Register at Have I Been Pwned if you haven’t already.
• Practice good device security hygiene. Most importantly:
  • keep your OS and apps up-to-date;
  • keep your device security software enabled (macOS, Windows, iOS, and Android all have it built in; you probably don’t need to pay for a third-party antivirus tool);
  • keep the malware protections in your web browser enabled; and
  • if you keep important data locally on your device, back it up following the 3-2-1 rule.
• Change your passwords for any of the sites HIBP says have been compromised, if you haven’t already. While you’re doing that, enable strong 2FA (not email or SMS) or set up a passkey.
• Use strong 2FA or passkeys everywhere else.
• Use a password manager for all of your passwords, and use long, random, unique passwords generated by the password manager.
• Don’t invite hackers onto your device by falling for tech-support or ClickFix scams or enabling browser notifications from shady websites.

*sigh* OK, that last point isn’t as obvious as the previous ones. I can’t with a straight face explain them in a section entitled “Here’s the TLDR”, so I suppose this article needs to be a bit longer…

What are tech-support scams and how to avoid them

If anyone you don’t know tells you they’re helping you fix a problem with your computer and they need you to give them remote access or run some commands they send you, they are almost certainly scammers and you absolutely should not do what they’re asking.

If you suddenly see a pop-up on your computer telling you it’s compromised or broken and giving you a phone number you should call or website you should visit for help getting it fixed, this is almost certainly a scam and you should ignore it. If they’ve managed to make the message fill up the whole screen and you can’t figure out how to get rid of it, then this is even more true. The more flashier and loud the warning is, the more likely it is that it’s a scam.

Do not ask the bad guys how to make the message go away. They will manipulate you into compromising your computer. Ask someone you know in person for help. If you don’t have anyone to ask, call Geek Squad and ask them to come out and help you and show you how to get rid of the messages yourself next time. Believe me, paying Geek Squad a couple hundred dollars is preferable to giving hackers the run of your computer.

Also don’t fall for it if someone calls you randomly on the phone and tells you they’re from “tech support” or Microsoft or Apple or Google or whatever and they’ve detected a problem with your computer and they’re calling you to help you fix it. No one calling you on the phone to tell you they’ve detected a problem with your computer is legitimate.

What are ClickFix scams and how to avoid them

If a message pops up on your computer saying you need to copy and paste a command into a command prompt, the Windows run prompt (Command-R), your browser’s developer console, etc. to fix something, or to get through an “are you human?” check, it is a scam and you shouldn’t do it. The website you’re visiting is compromised, and the people who compromised the website are now trying to compromise your device as well.

These attacks often show you an innocent-looking command they’re telling you to copy and paste and say “Click here to copy this command,” but in fact when you “click here” it copies a malicious command that’s different from what they showed you. If you find that a bit difficult to grasp, think about the fact that this link doesn’t point to a website called “this link”.

Stop enabling crappy browser browser push notifications, just stop

There are a lot of shady websites out there trying to trick you into visiting them instead of the legitimate website you actually intended to visit. And for many of these shady websites, the very first thing they will do when you visit their homepage is pop up a message asking you to let them send you notifications. The pop-up often doesn’t even use the word “notifications”, it uses exciting, useful-sounding language, e.g., “Click here to to keep getting important news updates!”

If you’re the kind of person who tends to end up on these shady websites and say yes when asked to allow notifications, then you probably already know it, because you’re probably already getting notifications from them constantly.

Stop letting them do that to you.

These constant notifications are literally unhealthy, but aside from that, they’re also a security risk, because they are often used as a vector for tech-support and ClickFix scams.

You don’t need the notifications. You don’t need the constant dopamine hits. They are not healthy or safe.

Every browser is a little different, but you can search for, e.g., “Edge disable push notifications” or “Chrome disable push notifications” to find out how to turn off these notifications for the browser you use.

If you are absolutely certain there is a completely legitimate website you want to allow push notifications from, you can enable notifications manually for that specific website. This is usually accomplished by clicking a button or something to the left of the website URL at the top of the browser window to view and update the browser settings for this particular website.

#2fa #breach #ClickFixScam #Forbes #Gmail #Google #HaveIBeenPwned #HIBP #passkeys #pushNotifications #techSupportScam

In other good news, using our community-hosted NextCloud service for push notifications is working now on both my Matrix accounts 🥳

Had to install NextPush to get it working with ElementX, but that was pretty quick and easy. I just installed it, logged in to NC and approved the app, and restarted ElementX. Voila! No more error messages.

@lightweight

#NextCloud #NextPush #PushNotifications

Engadget: Chrome update aims to automatically turn off unwanted notifications. “Chrome is getting a new feature aimed at cutting back on notification overload. If enabled, Chrome can now revoke notification permission for websites that the user hasn’t interacted with recently. It’s a similar option to the automatic actions taken by Chrome’s Safety Check for apps such as the camera or location […]

https://rbfirehose.com/2025/10/13/engadget-chrome-update-aims-to-automatically-turn-off-unwanted-notifications/

Okay this REALLY needs to frakking stop NOW. It’s bad enough that some apps immediately throw up a message on launch forcing you to update it before the app can be used.

NOW I’m seeing apps pop frakking push notifications multiple times, even when I haven’t used the app in days, telling me I need to update it to continue using it.

#PushNotifications are horribly abused, #Apple. STOP THIS!

After three years of relentless tracking, we’ve published a [paper](https://blogs.infoblox.com/threat-intelligence/vextrios-origin-story-from-spam-to-scam-to-adtech/) that, for the first time, exposes the true identities behind VexTrio. This research connects real names to the various companies that form the VexTrio ecosystem. It begins with the origin story—how a group of Italians launched a successful spam and dating business. Over time, VexTrio expanded its operations into malicious adtech and online scams. For over a decade, the group employed deceptive tactics to defraud countless innocent internet users. These illegitimate gains funded the extravagant lifestyles of VexTrio’s key figures—who, despite increasing scrutiny, have yet to be fully stopped.

We’re deeply grateful to all the contributors who helped us reach this research milestone, especially @rmceoin and Tord from [Qurium](https://www.qurium.org/).

#dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #adtech #maliciousadtech #advertising #affiliates #scam #notifications #pushnotifications #tds #trafficdistributionsystem #spam #italy #russia #belarus #dating #clickallow