Being pretty much a 100% Chrome user, I've yet to click "Allow" when a site wanted to notify/spam/inundate me with shit from sub-companies or worse yet proxy spam me from paying 3rd parties because "well, you did opt in sir". The opt in popup box might as well read: "Are you an idiot? YES|MAYBE".
Not one time have I allowed it ever in all these years and I'm shocked anyone else allows it at all too. Not having considered it before but I'm really surprised this tech is on by default or even exists at all. It may have some neat IOT use cases but IOT has about a billion other notification options for machine/machine communications that are better. Thats the best I can do in terms of trying to argue theres a good aspect of the functionality.
But what about Gmail you say? Well, I personally don't use the web interface anyhow opting instead for a nice/superior experience from a local client but IIRC the tab starts blinking when theres new mail and the number in the title bar changes.
Even LinkedIn and its simple blue dot on the title of the tab is sufficient for me to know theres new activity there if I want to bother looking (ooooh loooook - a guy I know knows a guy that posted a virtue signaling meme regarding a supposedly socially relevant topic that companies pretend to be concerned about - I MUST KNOW ABOUT THIS IMMEDIATELY!).
Now, on to changing browser and OS notifications on all 4 home systems to my preferences this morning. I didn't realize how much the hubris of bugging me with stupid crap annoyed me until this prompted me to consider it. Thanks OP!
I was too! But then like I mentioned with UX dark patterns encouraging users to click by making them believe they have to click it, it's perhaps not as surprising. Non-technical users are already conditioned to click OK or Yes to anything that appears on their screen without reading it.
Interesting. I'm in the same boat I never actually pressed allow, but somehow I never actually thought about disabling it either. I'm going to do that on my moms laptop as well when I get the chance.
I use WhatsApp and the Android Messages web versions, probably i am a special case due to my bad eyes I prefer my KDE accessibility features and typing on a real keyboard over a smartphone.
I understand the advice, but I don't agree they're entirely without purpose.
> I have never seen them used for any legitimate or useful purpose
That's definitely overblown. I've got a half-dozen enabled, and on re-reviewing that list, I still think they're legitimate. Upon checking mine, I've whitelisted Google Calendar, Gmail, Google Meet, Mattermost (work chat app), and Slack, and I want notifications enabled for all those things.
> I understand the advice, but I don't agree they're entirely without purpose.
[…]
> I've got a half-dozen enabled[…]
That's fine for you, a purveyor of tech news. For almost everyone else, they are a means to spam and false malware notifications.
Our company provides services to clients who rely on computers but aren't necessarily computer experts. The only instances of browser notifications that I've seen (on client machines) are those I just described. In fact, yours is the first instance of someone appreciating them that I've encountered.
No shade intended. I just don't think their benefit outweighs their abuse.
> I just don't think their benefit outweighs their abuse.
TFA said they're without purpose, I said I disagree. You're now saying their abuse outweighs their benefit, which is a separate topic, and is more subjective. I'm not sure I entirely agree, but I could definitely see a case for that.
You're certainly opinionated about something that it doesn't appear that you know very much about.
In-app notifications, SMS and web push notifications are all important means of communicating events that clinicians need to be aware of.
This is delivered via a PWA so that it works on the wide variety of devices we see across patients and clinicians.
Many elderly patients are confused by native apps and app store experiences. Many of them refuse to use an "app". Additionally, things like accessibility are problems that have been solved effectively on the web but can be more challenging with native apps.
Many clinical devices don't support app stores or installation of native applications.
When you've tried to implement reliable health care systems for elderly populations, clinical settings, mobile in-field settings and physicians in a HIPAA regulated space perhaps you'll be able to tell me a better way.
Your assumption that we use any technology because "we want to" indicates that you don't have much experience with this stuff, perhaps it would be better for you to reserve judgement in the future until you understand a subject a bit more thoroughly.
> That's definitely overblown. I've got a half-dozen enabled, and on re-reviewing that list, I still think they're legitimate. Upon checking mine, I've whitelisted Google Calendar, Gmail, Google Meet, Mattermost (work chat app), and Slack, and I want notifications enabled for all those things.
Most of it are native apps tho ?
The difference is that you install app explicitly for purpuse of doing that, vs "I accidentally clicked on website and now it sends crap to my feed" of average illiterate users.
They're mostly Electron, not native apps. My browser has extensions that help me with all of the tracking these apps are full of that are a hassle to patch in Electron apps (who know how Manifest v3 will affect Electron). Unless you have a FOSS TUI I can opt out of tracking, no thanks: I'll keep you in the browser in a pinned tab.
As a bonus, I can apply userStyles to fix their UIs such as them not making black #000 (muddy grey looks bad on OLED) or not using my user-agent-defined monospace font or putting too much padding around elements in a chat UI.
And that's fine, the article only disables pop-ups that prompt to enable notifications. For those few websites which really matter, you can explicitly click on "shield" icon and enable it.
The key idea is that enabling notification should be an explicit actions, and have more consent than a single click.
I don't have notifications / alerts for anything besides family trying to contact me. For everything else, I poll. This has the benefit of allowing me to focus on what I'm doing (which sometimes requires looking things up in a browser) without being interrupted while doing so.
Same: I understand the advice, but it's trivial to find cases where it's useful.
I have three enabled. One is for a past side-hustle, but the others are messages.android.com and messages.google.com . Definitely keeping both of those, even if/when I finally mostly depart the google ecosystem.
Right, a more reasonable argument would be just that the risks outweigh the benefits for some users, especially if they aren't currently using notifications on any legitimate sites.
Certainly for some people. I just prefer the tradeoff of carefully curating my taskbar at the expense of my tab list.
I (over)use the keyboard shortcut of windows key+# (so win+1 switches the focus to the first application icon on the taskbar, win+2 the second, etc), and I've got muscle memory of which applications are pinned to each place. Plus, I've already got the muscle memory of how to get to the various websites I keep open.
Some HN/reddit threads recently mentioned Library Genesis so I visited with Chrome desktop web browser on mac and was surprised it caused a deceptive push notification. Screenshot:
EDIT reply to: >That ad must've been injected by the proxy you were using to access LibGen.
I just went to the top search result for "libgen" from google search result. It's possible they were trying a temporary monetization trial to take advantage of the Z-Library shutdown and that push notification is now gone. The other possibility is that the search result pointed to "libgen.ee" or "libgen.il" which apparently is a clone of Libgen (they call it "Library Genesis+") and it's the clone sites that have the push notifications. It's confusing to to people not familiar with it to know which is fake and which is real. (screenshot of google results:
https://imgur.com/a/65Beo8H)
On another side note, what's amazing is how that website got a push notification silently past Chrome's "Privacy and security" setting of "Sites can ask to send notifications". There was never a "Allow this site to send notification?" prompt. I wonder what Javascript trick they used to bypass Chrome's security.
> I just went to the top search result for "libgen" from google search result.
Yeah, you should never use google for this.
Protip: find the wikipedia article of your site of interest and bookmark it as a source of always up to date urls. Conversely, just use alternative search engines like duckduckgo and/or brave search.
That ad must've been injected by the proxy you were using to access LibGen. uBlock Origin detects no ads, malware or trackers on https://libgen.is/ for me.
"Consider disabling push notifications on your device and on family and friends devices"
because browser vs native should make no difference, right? But when said that way, you see how absurd is the statement as a generate guide. This would be a full-time job to a) convince people not to get notifications and b) change their settings.
Now personally, I have disabled all native push notifications or at best have them sent to the "Notification Center". And after seeing my GF bothered by so many notifications, I showed her how to disable them. Everyone else is on their own.
You have the ability to disable just browser push notifications, at least for Android. I actually find notifications useful, but they can quickly become useless if you are receiving a lot of irrelevant notifications. If you disable all notifications on Android, you wont get things like calendar reminders.
Although it can be useful for some web applications, I kind of wish that push notifications were not added to browsers. Most often they are just abused to spam users. The pop-up you get while going to pages asking you to allow push notifications is also annoying. I have started to disable notifications in all the browsers I use on mobile and desktop.
I haven't looked enough to know if this is possible. In general I found that any browser push notifications I may receive have been better served from a dedicated application.
The post says there are no legitimate use-cases for browser push notifications, but I disagree.
I'm building a niche social media PWA (eschewing native apps to save time), and use browser push notifications to let my users know when someone has DM'ed them.
Sadly, boardgame arena also pushes advertising for new games and features through the notifications as well. I'm sure it's possible to disable specific categories, but it unfortunately undermines their value even more when otherwise legitimate sites still somewhat abuse push notifications.
Of course there are legitmate use-cases; I enable a few myself. BUT--I also know exactly where to go in my browser settings to edit my preferences, should I ever accidentally click "yes" on a bad prompt that starts blasting me with ads and phishing attempts.
The thing is, many non-technical users don't even know where or how notifications really show, much less how to edit/remove them.
At one previous job, that supported vehicle registration for county clerks, there were enough situations where multiple users would "work" on the same vehicle registration that we had to let users know if some other user updated that particular record - rather than fail/error if that user presses submit "too late".
Somewhat real-time chat with a human I'm talking to on purpose is the only legitimate use case I can think of and the only thing I enable any sort of push notification from at all, but even then, only from native apps. If the only reason this needs to be in a browser is saving time for the developer, that isn't a good enough reason for me as a user as long as other options exist that use native apps.
Even to use this theoretically, though, I'd want the strict ability to control who can even send me a direct message. As it stands, the only thing I currently allow push notifications for are SMS and Signal, but the SMS texts are still overwhelming election spam from people who aren't even trying to spam me but have the wrong number for my mother or grandmother and bulk property buyers who claim they want to buy one of my houses. So I hope you plan to enable user-controllable proactive origin filtering (not after the fact user-by-user blocking).
>If the only reason this needs to be in a browser is saving time for the developer, that isn't a good enough reason for me as a user as long as other options exist that use native apps.
Consider food delivery services (from the reastaurants).
We actively order food directly from the reastaurant where possible, because Uber Eats charge more for the food and still charge "service" fees + delivery.
I've just checked, and I have 7 (including Uber Eats) food and grocery delivery apps.
It would be my preference if I dealt with a PWA instead of having to install many apps with varying quality.
A notification of the status of my order is useful, and with the grocery apps, sometimes an item that I've ordered is out of stock, and I have a small window to take some action (if I hadn't chosen one when ordering).
Browsers should've really made it an user-initiated action. Something more akin to adding a site to your browser's bookmarks than what we have currently.
First thing I did when I opened this thread is ctrl+f PWA. Glad you mentioned it even though your comment was so far down.
The other big positive is that the closer PWAs are to native apps in functionality, the less of a stranglehold Apple and Google will have over app distribution.
Another annoyance that totally disappears if you disable JS. In fact, except for perhaps the "I have never seen them used for any legitimate or useful purpose" point, the content of the article could be about JS. As a bonus, fake warnings on the page may also disappear.
I completely agree with the author about how hostile the "modern web" is. At least push notifications are dubious in value from the start, but unfortunatelY JS seems to be trying to replace built-in functionality of the browser like rendering static content.
I've come across a site (on HN, I think) with content written in Markdown which used JavaScript to render Markdown to HTML in the client/browser. Why oh why?
I like to disable JS, but these days virtual no site works without it (except HN, kudos!)
> Your non-technical family members and friends will likely fall for these at some point. For their sake, disable them.
As the famous proverb says "give a man a fish and you feed him for a day; teach a man to fish and you feed him for a lifetime". The best way to "fix" phishing attacks and malware is by making people more "technical". The only way to eliminate these phenomena is by educating people about what a Push Notification really is and that you simply don't have to click it.
The Web needs to be a competitive platform for apps next to the closed and "gated" App Stores. I think that we should not dumb down web browsers to simple page viewers.
I've been around the tech world for a few decades. This sentiment has often been repeated about things like this, but I no longer believe that it's viable. The tech world is just too fast-moving, which means there's not really any such thing as "education". If you manage to teach someone something, it'll probably be out of date in a year or two, if not less. You have to pay attention to the latest trends all the time to really be knowledgeable about it. That just isn't going to happen.
> The best way to "fix" phishing attacks and malware is by making people more "technical".
I've been trying to do this for 25 years. It has yet to be successful. Especially since the vectors of attack change constantly.
> The Web needs to be a competitive platform for apps next to the closed and "gated" App Stores. I think that we should not dumb down web browsers to simple page viewers.
Disagree 100%. With native(ish) apps at least I can do things like block internet access if I don't want them to "phone home". I can also downgrade (or not upgrade) them if they push regressive "updates". Web apps take all control away from the user. We need ways of running whatever we want on mobile. But using web apps as a workaround is a cure that's worse than the disease.
I've managed to get my parents to be suspicious about emails and phone calls, to forward me anything they're unsure of, to reply to any communications purporting to be from their financial institutions by calling back with the number on their card or statement, to install updates as soon as they become available, to use unique passwords for everything and so on....but I still regularly find malicious extensions installed on their browsers and homepages set to some fake version of Google.
I continue to try to educate, but nowadays I make sure they always have ad blockers installed (I believe most of the tricks they fall for stem from malicious ads) and I try to lock things down and disable features where it makes sense. I dislike the locked down world of iOS and what has become of MacOS, but I appreciate having it for devices they use. This is part of my job, I think about this stuff every day and I still worry I can't keep up, so I can't really expect the same from them.
The phone app is the only one which I allow to have "push notifications".
And they can be disabled.
It's also the only one that I can think of that allows me to selectively enable based upon the sender (iOS user here).
I'm at my mom's place, I had never thought of turning them all off. I think I should outright disable Chrome on Android notifications, as I now can't think of a reason why she should get notifications.
She's been spammed by all sorts of nonsense from tabloids and scams.
> In the same way that e-mail spam filtering works, so should browser push notification spam filtering. If you don’t implement this, you are complicit in the continued abuse of your users.
I can't remember as I haven't worked on notifications in years, are the notifications not meant to be encrypted? Such that the browser vendor can't see the contents?
With e-mail I understand and accept the message processing needed to identify if it's spam, but I'm wondering whether browser vendors (or more specifically, push servers) would today be able to intercept messages.
Numerous services will allow messages to be sent via push notifications, wouldn't it cause issues if your browser vendor is now "reading your messages"?
> If needing to filter browser push notifications for spam seems like a lot of work, then questions need answering about the value of the feature in the first place. Seriously, what is the value of this feature?
I understood the feature as part of making PWAs able to replace the need for native apps. When browsers started supporting push notifications, I used the service to send public transit alerts to users who opted into them.
> Were you pressured into it by ad companies? Why is the feature so open to abuse?
Native apps can be removed from stores, and Google/Apple would (I assume) drive the lion share of notifications thorugh their servers, and can probably detect abusive behaviour more readily.
With browsers, I'd again assume that it's harder, as one can use any service they'd like.
Then what about Chromium where all the tracking stuff has been stripped out? Who would police that?
Two possible solutions:
1. A blocklist is maintained, similarly to malicious websites. Don't know if flagging a website abusing notification marks it as malicious overall, but at least with malicious websites the user wouldn't even see the website.
2. If a user dismisses notifications and never opens them, perhaps the browser can take initiative and block them permanently.
----
I'm responding mainly with experience of spam on family's phones, I fortunately don't have elderly family who use PCs.
I'm distinguishing between displaying contents of some payload vs actively tokenising and interpreting such content.
If you set up an extension that blocks notifications with the word "vanilla", what the extension would be doing to act on that notification is what I regard as "reading your messages".
Apple’s content blocking framework doesn’t allow the extension maker to know what you browse. It sends a json file to Safari with regex expressions for Safari to block.
To filter out spam notifications, the browser would need to forward notification contents to the vendor. The filtering can't be done on-device because that gives spammers direct access to the models.
> are the notifications not meant to be encrypted? Such that the browser vendor can't see the contents?
No, the Windows API's for showing the notification (or for any OS) are going to need to know the text to render and the image to display, which is information the browser will have to tell those API's.
> send public transit alerts
Probably the only legitimate use case I've heard but I've personally used apps from the transit companies for this.
That's an interesting idea that I think I agree with, or maybe the site can only prompt you if it's been added but you can still manually enable it if you want (though adding the homescreen isn't the end of the world if you want notifications). That said, PWAs have downsides on iOS and I can't speak for Android. I'd almost always prefer to stay in Safari when looking at web content. I'm ok with webviews in apps for their internal UI but I almost always bounce from the in-app-browser to safari with the exception of maybe something like Reddit (Apollo) since normally things I look at from there are news articles or other read-only-type content. As soon as I need to login then I'm off to Safari.
Off topic: I don't know if the situation is better on Android but my biggest pet peeve currently is being bounced into an app instead of the web version of the same page. Like clicking on an IMDB link in google results or a Steam link (often comments, like when I'm trying to figure out if something is a bug while playing on a console). I know the workaround for this (long-press link, open in new tab, or delete the app) but on the other side of that coin sometimes I get sent to the Amazon webpage but I want to bounce to the app where I'm logged in and the UI is better (IMHO) but I've yet to find a good way to do that (maybe "share" the page to the Amazon app? I've never tried).
Well I think the power usage (AFAIK the website needs to register a service worker working in the background) and abuse potential were the main concerns of Apple for not implementing it earlier.
I am wondering what the limitations are going to be.
As I understand Apple used to be the gatekeeper of all push notifications (App Store, APNS) but with enabling push notifications on the em web it might open the floodgates. Could be a thing, could be problematic.
So if Apple is the only reason that PWAs aren’t mainstream, why do most companies have web apps, iOS apps and Android apps instead of just telling Android users to go to the web?
Android supposedly has great PWA support obviating the need to write native apps yet no one has ever stepped up to the challenge of finding popular examples where a company was forced to write an app for iOS . But decided that a PWA was good enough for Android.
And despite the whining about fees, most (80% it came out during the Epic trial) App Store revenue is from games. And most other companies are either in the B2B space where the customers sign contracts outside of the App Store,
B2C companies that are advertising supported, sell physical goods and services that are not effected by the policy (Uber, Amazon, etc) or have the option to bypass the App Store in app purchases like Netflix and Spotify.
I think reason #1 that i gave is already the dealbreaker for most companies considering PWAs. If your users have difficulties discovering and installing your app, it's a no-go.
Google Fi Messages uses push notifications and it's one of the few things that makes me really, really wish iPadOS had web push support. (I already have a SIM in my iPad, I just need to use a webapp to text or call.)
Otherwise, completely agree. I've already had to clean out notification permissions from multiple people who were getting insidious amounts of web push spam. Nobody knows how to manage their notification permissions on Chrome, and web push popups themselves aren't great at telling you how to disable unwanted ones. I suppose this is why every hostile ad site begs you for web push permissions nowadays.
Related gripe: websites that ask for location before you even have a chance to know why they need it.
Oh damn, that makes me remember one weird event, my tech illiterate mum told me "did you heard queen died?" like... 3 months before that actually happened coz she accidentally subscribed to some random garbage on their phone and most likely assumed some clickbait header is actual news...
Another interesting thing I found out is that Chrome seems to store pretty much all of these notifications, indefinitely, on the filesystem. It's a great source for reading messages someone has received on Whatsapp/Telegram web clients and things like that.
That is what I do when I have once a year father's/mother's phone in hand and I see notification bar flooded with crap notifications from various apps, not just browser. As for desktop, they should have adblockers which should take care of it hopefully.
I installed Linux (Manjaro), and the problems are confined to the browser (and then handled by uBlock Origin). But my parents only use the computer for browsing and very rarely for opening documents.
I volunteer at a church by helping out with some basic IT issues from time to time. I recently had to disable Chrome browser notifications on one of their PCs because the McAffee anti-virus notifications just wouldn't stop. I thought I had already uninstalled the actual McAffee desktop software but I guess it embedded itself into the chrome browser somehow too.
On a related note, I wish Chrome had an easy way to permanently say "don't ask again" (on a site-by-site basis) to the "Do you want to login with a google account?" popup that so many sites have nowadays.
But I prefer my browser to act as a sandbox. Push notifications are disabled and I don't get any requests to allow on any device I use.
But then I don't like notifications in general even from apps and only have f
exceptions for Telegram direct messages/sms and calendars.
If I want to know if I have an email or some app has she news for me, it can wait until I make time to go have a look.
I use devices to work and the last thing I want is distractions from notifications as much as possible. I also feel less overwhelmed and freer when exposed to less notifications.
I'm considering moving a notification service currently implemented with email to Web Push Notifications. It's a shame these notifications have such a bad rep due to abuse. A permission request to enable Push Notifications should in my mind only be initiated from a user interaction. Like a toggle in a settings dialog to specifically enable these notifications for specific topics.
Legitimate notifications from web apps are still useful. (e.g. being mentioned in real-time chat)
The problem is the rampant spamming of the permissions prompt itself and ensuing inadvertent acceptance. So the practical solution is to close that vector. Instead of the active popup, use only a passive menu entry or an unobtrusive icon, like how it already works for mailto handler registration.
I don't like this title, even though the article doesn't really mention the logistics. It implies for you to go and muck with someone else's device. I'd rather inform them and let them make up their own minds. I can't tell you how pissed I'd be if someone changed a setting on my phone without consent, regardless of how well intentioned they were.
The author should include in their own article: "watch out for bad grammar" which makes anything that does get past preferences and UBO seem even worse -
“Your computer is infected with dangerous viruses.”
“Your bank account has been compromised.”
“System Is At Risk”
"Your might loose your data!”
We need more distractions and interruptions getting in the way of flow like we need a hole in the head (something push notifications do a great work simulating, as far as impact to your productivity is concerned).
Are these the same people who use billion dollar corporations like Twitter just for receiving another type of notification from the same sources instead of native way?
Let's be honest here, they are only getting those notifications because they visited some random shady website and clicked on "allow" notifications as they would click the "accept" cookies button; to hide the nag.
Installing uBlock or setting up ad-blocking DNS for your friends should cut out 99.9% of phishing and spam.
Oh okay. Missed the joke. Killing off the notifications feature on the account of a few rogue actors doesn't seem like a reasonable measure.
Though ironically even if we are to take your example, I would consider advertising in this scenario to be harmless compared to receiving malicious phishing links in your notifications. I believe those 2 websites would never stoop that low.
Anyway people never click allow on those so they might as well be useless. I prefer to make my own notification system. If the user wants it , they leave the tab in the background , much like how i leave gmail.
Aren't they already a privacy nightmare being so centralized?
> Anyway people never click allow on those so they might as well be useless.
They do, by accident. And then wonder why the fuck they keep getting spam push messages and how to turn it off. Which is why the right thing to do is turn them off completely for non-technical friends and family. Likelihood of harm is near-zero (as you note, basically no-one wants these) and, at the very least, it saves them from distracting, useless pop-up dialogs.
consider not messing with people's computers without their permission.
there's legitimate uses for browser notifications. messaging apps like slack and discord, calendars, email clients, etc. some browser games. some buy/sell platforms. notifications serve a purpose. if you understand the consequences and want to turn them off on your computer, then go ahead.
but in my experience well-meaning young folks turning things off on other people's computers is a big part of why some people don't trust their computers, or think they're bad at computers. they're talking to a friend and find out that their friend's computer gives them a little notification every time they get an email, and they don't understand why their computer doesn't do that. and the first conclusion they come it is that they just don't know how to use the computer properly. meanwhile they know how to use their computer perfectly fine, but some grandson has gone through the settings and turned off half the things their computer does.
I've done some victim support for people who have lost their life's savings to a phishing scam. If only they had someone helping them disable these things, install ad blockers, explain caller ID spoofing etc.
I wish you could completely block URLs and phone numbers from SMS -- it's by far the most dangerous vector. People get a text from their bank, the tax agency, their medical fund, fedex. It warns them of a problem on their accounts and they leap into action like Pavlov's dog, clicking the link, calling the number. The nice man on the other end listens and says "we need to secure your accounts, but before we continue I need to do a full ID check. Can we start with the current balance of your account? Very good. And your full name and DOB? Okay, just waiting for the system, a bit slow today ha ha. Now we will be sending you a security prompt by SMS to verify you. We take security very seriously here...".
Personally I’d like to run a server that could send notifications to me and to other people who would like to join this party. It is a valid use case and making it as cumbersome as possible feels wrong (depending on what it means of course).
Though I agree that it would be good to not turn it on by ok-clicking like our parents always do. “aA -> turn on” would be enough, popups definitely banned.
This feature should never have existed. I used to work in a computer repair shop and saw hundreds of people with spam, scams, and malicious content piped directly to their computer. Most people have no idea how to make it stop, have no idea where it came from, but are aware it's happening and hate it.
Browser push is probably close to 100% malicious or ads at this point. It's directly enabled scammers to steal 10s of millions of dollars.
If Google came out with a feature that just stole $50 of iTunes gift cards from your granny no one would want it. That was browser push is at this point.
The less-than-1% of Web push message volume that is desired and helpful is a no-brainer sacrifice to get rid of the 99+% that's unwanted, accidentally-enabled spam.
Of course, short of just getting rid of it, we could make it like RSS where there's just a little icon and you have to choose to engage with it to use it, otherwise you won't even realize it's there. But I expect that amounts to the same thing, and the feature'd be dead before long, being too much effort to keep up for something that nearly no-one would both know is there and want to use. Probably usage levels similar to FTP in the browser, and that got axed.
Not one time have I allowed it ever in all these years and I'm shocked anyone else allows it at all too. Not having considered it before but I'm really surprised this tech is on by default or even exists at all. It may have some neat IOT use cases but IOT has about a billion other notification options for machine/machine communications that are better. Thats the best I can do in terms of trying to argue theres a good aspect of the functionality.
But what about Gmail you say? Well, I personally don't use the web interface anyhow opting instead for a nice/superior experience from a local client but IIRC the tab starts blinking when theres new mail and the number in the title bar changes.
Even LinkedIn and its simple blue dot on the title of the tab is sufficient for me to know theres new activity there if I want to bother looking (ooooh loooook - a guy I know knows a guy that posted a virtue signaling meme regarding a supposedly socially relevant topic that companies pretend to be concerned about - I MUST KNOW ABOUT THIS IMMEDIATELY!).
Now, on to changing browser and OS notifications on all 4 home systems to my preferences this morning. I didn't realize how much the hubris of bugging me with stupid crap annoyed me until this prompted me to consider it. Thanks OP!