Comment on Apple Makes It Harder for Police to Access Your Push Notifications
Teknikal@lemm.ee 11 months ago
Shouldn’t it be impossible for them to even be able to hand over your notifications in the first damn place.
There’s no reason I can think off that they should even have this info.
gregorum@lemm.ee 11 months ago
it’s up to individual app developers to encrypt the data in their push notifications. as for the data about the notifications (the metadata stored on Apple’s/Google’s servers), that would end up being mostly useless if it were just a block of timestamped and encrypted data sitting on Apple’s or Google’s servers. Presently, that data often also includes the full notification contents, unencrypted.
But when those companies get a court order/subpoena, they have no choice but to cooperate.
towerful@programming.dev 11 months ago
The metadata is actually quite important.
Sure, chances are it’s a “pending WhatsApp message” notification, but not the actual contents of the message.
However, with enough metadata and by surveying traffic from WhatsApp data centers, someone could see User A accessed WhatsApps service, which generated a WhatsApp notification for User B.
That might just be a coincidence, but with enough data and time, the probability that User A is talking to User B can be increased.
If it also shows that Users C, D and E also get notifications at the same time, it is likely that all those users are in a group chat together.
It’s called a timing attack.
And perhaps it isn’t enough evidence to stand up in court, it can help build the profile of the users, and guide investigations to other possible accomplices.
gregorum@lemm.ee 11 months ago
I realize that sometimes metadata can be aggregated in nefarious ways. sometimes, however, it’s useless. currently, however, it contains all of the unencrypted contents of the notification itself, not just the metadata, and my point is that’s it’s better to take the step of encrypting the notifications themselves to at least protect that data.
Steve@communick.news 11 months ago
But why would a copy of the notification history exist outside of the phone itself? I can’t think of a reason why notifications should be collected at all.
Railcar8095@lemm.ee 11 months ago
Imagine you have 20 apps that can send receive notifications from remote (messaging apps, offers, updates…). That would require each app to be active in the background and pulling updates. That’s a massive battery drain.
Instead, the apps send the notifications to Apple/Google, and the OS checks for all of the apps. The apps don’t need to be awake (the OS could show the notification or wake the app) and there’s only one service checking for the ml notifications.
It’s a massive oversimplifying and probably I made some mistakes, but that’s my understanding. Hopefully somebody can correct me.
Steve@communick.news 11 months ago
Apparently that’s how it works.
I’d imagine a notification service on the phone that can receive or pull from all the various sources on behalf of the apps installed. That way the app servers don’t need to hand the data to Apple/Google servers. It just seems like an extra step.
gregorum@lemm.ee 11 months ago
there’s a lot of different reasons why it might exist, depending on how the app or service work. some might have no data history, some might have a lot with a long footprint. some apps/services may benefit from rethinking how their app/services handles/routes this data.
it’s complicated.
Steve@communick.news 11 months ago
But that’s just an individual app collecting its own history. That makes sense.
Apple or Google collecting all notifications seems like data collection for its own sake, with no real useful purpose.
zeluko@kbin.social 11 months ago
If you are only interested in the data, sure.
But metadata is also very powerful, specially when aggregated
gregorum@lemm.ee 11 months ago
it can be, depending on the context and what metadata you get. it can also be useless or of very limited value, even in aggregate. it’s really a roll of the dice, depending on the case. while I agree that no data access would be preferable to a little, encrypting the notification contents provided far better protection than what we get now, which is all.