We posted a recent Vice article about the US government requesting nearly all Apple and Google push notifications:
This article discusses how these companies are now coming forward and being honest for the first time about the high quantity of requests they are getting, after a senator made it public. One of our readers on Nostr asked “I can’t switch to Graphene, what can I do?”
Well obviously switching to an operating system that isn’t maliciously collecting the data to begin with is the ideal solution. However, if you can’t do that, there are some steps you can take.
Step 1) Using apps that hide push metadata
Google and Apple push are connected to an identifier. Consider using apps where your identity in the app itself, is completely disconnected from your Google or Apple ID. Session messenger is a perfect example of this, with Google push being unable to even see what random numbers/letters your Session account is. But Google can tell you are using Session. SimpleX is another example of this. Signal hides who the sender is, but to a lesser degree. [see our previous articles on Signal]. Don’t get too comfy here, you’re still being spied on through the operating system.
Step 2) VoIP
SMS is not encrypted, but at least you’re not getting the SMS from the same cell tower giving you service. This separates it so that one company sees the messages, and another sees just a VPN tunnel. Powerful governments can put the puzzle together, but the phone companies can’t. You want to use a service that is disconnected from Google/Apple push identities, so JMP.chat is a good example is as it’s routing it through your custom XMPP/Matrix account. While as Hushed is a bad example, since the relies on Google push to deliver.