English

FP Open OS 16.06 with GApps Pico: No Push Notifications for Signal Messenger

Hey everyone,

I currently use FP Open OS 16.06 with GApps Pico for the Google playstore. Since the update from 16.05 to 16.06 the push notifications for the Signal Messenger have stopped working. I tried reinstalling GApps already, but no change so far. Push notification of other messengers (Whatsapp, Telegram) are still working. Did anybody experience a similar issue and maybe knows the reason behind that?

Cheers!

I run 16.06 with installed OpenGAPPS pico myself, and I have no problems with Signal.
I earlier used LibreSignal instead of Signal, but unfortunately Signal forbade LibreSignal to use their servers, which is when push notifications for LibreSignal stopped working (maybe two months ago). Since then LibreSignal got abandoned and is not further developed any longer.

Check if you really use Signal, or LibreSignal.

LibreSignal does not work anymore, Signal (at least on my phone) still does.

1 Like

There is a kind of app permission that is conceived at app install time. Google Cloud Messaging one (push notifications) is of this type.
Maybe something odd ocurred on the update and Signal lost that permission (this is hypothetical and never happened to me). You can try uninstalling Signal completely, rebooting (to be sure), and installing it again to ensure the permission is rightly conceived and GCM key is renewed.
Please note you should backup and after restore your conversations the way Signal recommends (if any, I don’t know how, I’ve never used it) or you will loose your messages since Signal servers doesn’t store any data.

1 Like

Thanks @Roboe, I think this was indeed the problem. Also moxie mentions that a “bad gapps install” can cause the problem. Whatever that means exactly:

https://github.com/WhisperSystems/Signal-Android/issues/970:

@oaim She’s not receiving GCM messages. That means either: 1. she has
background data disabled for TS or for Google services, 2. she has a bad
gapps install, 3. she has used something like titanium backup or
another backup/restore app, or 4. she’s on a network that blocks GCM.

So I think the solution is actually to reinstall Signal or in my case there was actually a Signal update in the PlayStore, which should be equivalent to reinstalling. This fixed the problem for me. What I didn’t like about reinstalling it, is that you can only backup your messages, but not your key, so everyone has to verify you again.

@freibadschwimmer: Seems like not many people in the community agree with forbidding LibreSignal. I actually can, since it’s the only way to ensure a verified build of Signal via the PlayStore. Otherwise there could be builds of LibreSignal or any other non-official implementation that contain ANY additional code, which would harm the trust in Signal. Also there is not really a metadata leakage by using GCM, since Google only gets to know the times you are communicating with anyone, but not whom. Although, I can of course understand the goal to get independent of Google.

For once, LibeSignal was in FDroid, so you can trust these packages as much as you trust other FDroid apps.
However, it is also possible to compromise Signal itself in the way you described: Since the source code is openly available, anyone can build a package by themselves. In fact, Moxie even recommends this to people who don’t want to use the Play Store.
So I see no reason why having LibreSignal around should make any difference in this particular regard.

2 Likes

That’s essentially the problem, I cannot trust the FDroid apps cause as far as I know they are not signed by the developer. Hence, my whole security model is undermined when I install apps from there or any other third party source for that matter. Moxie recommends building the app for yourself, so there is no one you have to trust. But he also says to never install apps from third parties, that means not using the build of anyone else. Having LibreSignal around would make people activating third party sources, which is already the problem.

PS: Please don’t get me wrong, I also want to get rid of google or any other centralised party, but at the moment I think Signal over the PlayStore is the best we can get.

Hahahaha. That argument of Moxie is great: Don’t trust anyone (just me)! But our app depends on Google’s closed source libraries to function properly, even to login! Which means your phone is already compromised by design. And we do not want a fork which solves that dependency with open protocols (LibreSignal, websockets).

I’ve tried to understand his point of view, sincerely. I’ve read tons and tons of GitHub issues and Twitter conversations. And I don’t.
I distrust Moxie and I distrust his company the same as I distrust WhatsApp and I distrust Facebook, Google, etc. (I don’t completely distrust their open source parts, of course)

I’m personally waiting for Briar for a private and full-independent messenger (distributed, anonymized, even internet independent)

5 Likes

Well, I don’t see why I necessarily should trust any developer more than FDroid (which is not one person). A developer has the possibility to compile a different code into the package than you would find in his github repo (or wherever the dev publishes the source code, if open source). In this regard I appreciate FDroid very much, as here you have an institution that pulls the open source code as it is published, and signs this build. But in the end it comes down to whom you trust. Of course you can also run your own FDorid server, but then we are again getting close to building apps yourself.

Btw. If you install FDroid as a system app, you don’t need to allow third party installs in Android, so you can keep this setting blocked, as it is by default.

5 Likes

thanks for this information – how exactly do you install something as a system app?

https://f-droid.org/repository/browse/?fdid=de.j4velin.systemappmover

2 Likes

If you prefer to not install an app for that purpose, you can simply move a downloaded apk file into /system/priv-app - though keep in mind, you need root privileges to do that.

See for example step 4. in the Open OS update guide on how to do that.

1 Like

This topic was automatically closed 183 days after the last reply. New replies are no longer allowed.