• mic_check_one_two@lemmy.dbzer0.com
      10 days ago

      And the secure “lockdown” mode on iOS disables push notifications for exactly this reason. But the vast majority of people don’t use lockdown mode in their day to day, because it kills a lot of the functionality of the phone. Lockdown mode is intended for people who may actually be targeted by laser-focused hacking attempts. Politicians, celebrities, people with high security clearance, etc… It’s not something that the average person would use.

      Apple even publishes this as a known vulnerability. It’s due to the way push notifications work. Similar to SMS, push notifications default to unencrypted because there isn’t a single unified system. Each carrier and cell manufacturer handles push notifications differently, so they’re kept unencrypted so that the public encryption key doesn’t get lost during transit; that would just result in scrambled junk messages.

      • ☂️-@lemmy.ml
        8 days ago

        yes. we all know.

        apple fanboys are the people who don’t think this shit happens to them.

        the only halfway private smartphones are unlocked androids that can be used with a degoogled OS. and even then.

        • thequickben@lemm.ee
          8 days ago

          All fanboys are alike. I just find it ridiculous to think that only Android users are aware of privacy issues. I’ve used both, currently run an iPhone but with end to end encryption turned on. Yet I know that not all things are private.

  • aizakku@waterloolemmy.ca
    10 days ago

    It’s paywalled for me so can’t see this all. But does this mean signal, rcs and other encrypted messages are being logged? Kind of defeats the purpose of privacy based use cases if so

  • stupid_asshole69 [none/use name]@hexbear.net
    10 days ago

    This sounds like news but it is not. It is also not unique to Apple. If you use push notifications on any platform you’re susceptible to this.

    Push notifications are often unencrypted beacons that are used by cops to corroborate surveillance between devices even when the content transferred between devices isn’t available or incriminating.

    It’s the old “you say you weren’t involved but call records indicate you communicated with the suspect despite being in another county at the time of the crime” but updated to digital. When cops want cause for a warrant or some kind of wiretap they use push notifications to establish it.

    If you’re doing crimes or whatever, turn off push notifications. They can be used to establish that you communicated with someone or that you were in a specific area.

    Again, this is not unique to Apple devices.

  • unexposedhazard@discuss.tchncs.de
    10 days ago

    And that is why we use ntfy :)
    Not the main instance ofc because then you have one big silo again, but there are plenty of publicly hosted servers.

  • sunzu2@thebrainbin.org
    10 days ago

    Didn’t we already go through this Google?

    It is amazing how these companies design these services in a way that enables them to view the contents. They act as if they own the device you paid for. And most people will just accept this.

    • TaviRider@reddthat.com
      10 days ago

      Part of that is the responsibility of the app developer, since they define the payload that appears in the APNs push message. It’s possible for them to design it such that the push message really just says “time to ping your app server because something changed”. That minimizes the amount of data exposed to Apple, and therefore to law enforcement.

      For instance the MDM protocol uses APNS. It tells the device that it’s time to reach out to the MDM server for new commands. The body of the message does not contain the commands.

      That still necessarily reveals some metadata, like the fact that a message was sent to a device at a particular time. Often metadata is all that law enforcement wants for fishing expeditions. I think we should be pushing back on law enforcement’s use of broad requests (warrants?) for server data. We can and should minimize the data that servers have, but there’s limits. If servers can hold nothing, then we no longer have a functional Internet. Law enforcement shouldn’t feel entitled to all server data.
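The payload-minimization design described in the comment above, as an added example that is not part of the original thread: a content-bearing APNs payload is compared with a content-free background push, and a small model shows what the push service can still log. The function names, the `com.example.chat` topic, the `conversation_id` key and the sample token are constructed for illustration.

```python
import json

# "aps" keys that carry user-visible content or app-defined identifiers.
CONTENT_KEYS = {"alert", "badge", "sound", "thread-id", "category"}

# Constructed sample: a chat app that puts the message itself in the push.
CHATTY = {
    "aps": {"alert": {"title": "Alice", "body": "Meet at 6?"}, "sound": "default"},
    "conversation_id": "c-1001",  # hypothetical custom key
}

def wake_up_push(topic):
    """Content-free background push: the app fetches data from its own server."""
    headers = {
        "apns-push-type": "background",
        "apns-priority": "5",
        "apns-topic": topic,
    }
    payload = {"aps": {"content-available": 1}}
    return headers, payload

def exposed_fields(payload):
    """Return the payload paths whose values the push service can read."""
    found = []
    for key, value in payload.items():
        if key == "aps":
            found += [f"aps.{k}" for k in value if k in CONTENT_KEYS]
        else:
            found.append(key)  # custom keys are app data, visible as well
    return sorted(found)

def provider_view(device_token, sent_at, headers, payload):
    """Constructed model of what the push service can record per notification."""
    return {
        "device_token": device_token,   # metadata: which device
        "sent_at": sent_at,             # metadata: when
        "topic": headers.get("apns-topic"),  # metadata: which app
        "payload_bytes": len(json.dumps(payload, separators=(",", ":"))),
        "readable_content": exposed_fields(payload),
    }

if __name__ == "__main__":
    print("chatty payload exposes:", exposed_fields(CHATTY))
    hdrs, minimal = wake_up_push("com.example.chat")
    print(provider_view("sample-token", "2024-01-01T00:00:00Z", hdrs, minimal))
```

Even for the minimal payload, `provider_view` still returns the device token, time and topic, which is the metadata the comment says remains.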

    • scratsearcher 🔍🔮📊🎲@sopuli.xyz
      10 days ago

      android vs linux: round 2 electric boogaloo

      • android: comes preinstalled with google play services
      • linux: comes preinstalled with whatever package manager your distro uses

      • sunzu2@thebrainbin.org
        10 days ago

        GPS is root access to your device, no checks or controls.

        Package manager at least requires password input to make modifications.

        Strong handle, btw

  • shortwavesurfer@lemmy.zip
    10 days ago

    I’m actually surprised this came up again. Wasn’t this a thing back like a year and a half ago or something as well? I remember a big push to get on unified push about then.

    • floo@retrolemmy.com
      10 days ago

      Exactly. Out of the trillions that they probably process every day, over several years, they only had to turn over “thousands”. If the government can find a bunch of loopholes to get what they want, then that’s hardly the fault of Apple.

      If the worst you can say about Apple is that they still, very rarely, are forced to turn over data to the government due to bureaucratic loopholes and are no fault of their own, then I still stand behind them.

      And if they got anything useful out of that data? Then it is the fault of the actors for not properly encrypting their data when they have the opportunity.

      • sunzu2@thebrainbin.org
        10 days ago

        Both Google and Apple designed notification services that enable spying on your activities on the device.

        Also, that’s the requests that were done by “law enforcement”

        Anything “national security” won’t be reported there.

        The story here is that mega corps collect this information. This information can be used against you.

        Don’t be naive.

        • floo@retrolemmy.com
          10 days ago

          It’s hilarious that you could equate Google and Apple as both being evil, even though Apple specifically and explicitly keeps all of its specific and private user data private, and it always has. Apple has even gone up against the FBI and the Supreme Court in the United States on several occasions to maintain their ability to obfuscate and anonymize specific user data.

          But, I know Lemmy loves to hate on Apple, regardless of if it’s even true, so hate on!

          Of course, if you have any meaningful evidence of the contrary, go on and present it. Let’s see what silly excuses you use to rationalize murder. I’m very interested!