So if I have signal on iOS configured to use notifications (which include the body of the message), those notifications are sent unencrypted over apple’s push notification system?
Some quick googling let me to this SO answer [0] suggesting that as of 2016 devs can configure APNS as an encrypted channel where the client decrypts notification payloads locally.
Your link is correct -- Apple recently added the ability to programmatically modify the contents of push notifications which would allow one to build E2E on top of APNS. Android has always processed notifications through intents, so it's always had this capability. Google is just providing a pre built solution that works for some use cases but this method was technically possible before.
I've read from the Signal team before (no reference links on hand, sorry) that Signal servers send an empty push notification to your device to wake it up, at which point the Signal app fetches your notifications/messages from Signal's servers.
At least, that's what I read for Android/GCM, I'm not sure if that applies to Apple.
I believe they’re referred as “Silent notifications” on iOS. It’s very convenient to update state in the app without having to wait for the user to perform the action manually.
Which would be consistent with most messaging apps that use notifications. Although I'm sure there is an exception to the rule most only use notifications to indicate to the client that a new message is available on the server.
Some quick googling let me to this SO answer [0] suggesting that as of 2016 devs can configure APNS as an encrypted channel where the client decrypts notification payloads locally.
[0] https://stackoverflow.com/questions/32719476/how-secure-are-...