Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Research Reveals How iPhone Push Notifications Leak User Data
- Thread starter MacRumors
- Start date
- Sort by reaction score
I think this is more widespread than even the article lets on. I'm an iOS dev, and I've seen third party marketing companies who have push notifications as part of their SDK claim that they can get analytics on when a notification lands on their device (Something that would not be possible with the original push notification standards) . I dug into it with one of them and this was what they were doing. I actually figured this, and it wasn't terribly surprising to me. I don't see how this in particular can make a more effective fingerprint for a device in itself, but I'm sure combined with other things there's something. It's important to note that if a process is running on your phone whether it's an onscreen app or not, it can be collecting analytics (Harmless or not). One reason I leave my iPhone in low power mode.
I run the backend platform for several iOS apps that use push notifications. This nightly process for identifying uninstalled apps is actually not a bad thing. I will explain why and how it works, and how it's different from banned activity like fingerprinting.
To send push notifications, an app's cloud backend must maintain a database that maps device tokens for enabled notifications to their respective user. A user could have the same app installed on 2 iPhones, an iPad, etc., at the same time and that would be 3 different tokens in the database. Every push-enabled app must maintain this mapping db and there is no way around it. Because when a notification needs to be dispatched to particular user, the backend sender software refers to this database to obtain a list of tokens for the user, and makes one API call per-token to the Apple Push Network to deliver the notification to the user's devices.
Each time a user (deletes and re-)installs an app, the device generates a new app token, which the app can report to its cloud backend when the user presses 'approve' on the allow push notifications modal. User re-approval for push is required every time the app is re-installed.
There is currently no ability to report to an app's cloud backend when an app is no longer installed for a user. Which means that without some kind of process to prune the database, the db grows unbounded size and, over time, becomes more and more polluted with deprecated tokens from old device installs. Imagine an app like FB that has been around >15 years and what their tokens db would look like if they weren't pruning it.
So the nightly push notification process gives the app an opportunity to check in with the backend so that the tokens db can remain lean and optimized by pruning tokens that haven't checked in after a number of months. Further, it also prevents apps from hammering Apple's push API with notifications for tokens that haven't been valid for months or years. This particular use case you highlighted has nothing to do with tracking user location or fingerprinting but is more akin to good housekeeping.
Reality is that some apps or full function versions of the apps won’t exist in the App Store once sideloading is live.
All the user risks and exploitations, and they are many, will start from there.
That's fine by me. The iPhone (or iPad) should be the firewall, not the App store.
Let the user decide.
Actually the one thing it can get you is whether the user has notifications turned on for your app, which could help. Not terribly helpful, but like you said fingerprinting is a bunch of little data points in isolation. Why I said: There's probably something. There's always something. 🙃
And this, my friends, is the one million dollar question. I’m wondering the same. Does disabling push notifications keep you untracked? What about the red badge with the unread messages, does that send info as well?
If that's the argument you're going to make, then why is it happening now when side loading isn't possible? By your flawed logic, this shouldn't be happening right now, because by not side loading...there should be no effect! Yet here we are. So clearly, when side loading becomes an option...by choosing NOT to do it...it's not protecting you from anything. Seriously, how can you not realize that?
If "don't side load apps" is the way to avoid this, this shouldn't be an issue for ANYONE on iOS right now.
Your argument isn't matching up to the reality here...🤔
EDIT: The lack of response on this one is pretty telling! Guess I've made my point!
Last edited:
Which gives the consumer more freedom?
I'm not going to answer that because I can't, nor can anyone else, until it happens. It's also not my concern; user choice is mine.
Anyone who values their privacy should never connect anything to the internet period.
Since the big names are doing this, and probably hundreds of the smaller apps too, then this has been an open secret in the developers circle. Why wouldn't Apple have known about this and fixed it?
Yes, it is a simple mathematical calculation: it was proven quite a while ago that app review is always incomplete.
I can hear the meeting now... "Hey team, Apple is preventing us from tracking user activity across other apps and the device. It's this whole 'privacy' thing that people are concerned about. So I have an idea, let's figure out a way around the system so that we can get that same data in some other way." Does sorta explain why my wife can mention her co-worker who also likes watching the world cup, and suddenly I get advertisements for soccer lessons, shoes, streaming services, video suggestions, groups to like, etc. the next time I open my phone.
I wouldn’t even say “generally considered”, macOS IS less secure than iOS. Consider macOS without .kext’s is more secure than macOS WITH .kext’s. iOS goes WAAAY further than that at restricting vectors for exploit.
That Families Data should splayed on evrey Screen in Times Square - Reciprocity Innit.
I think most of the jobs at the companies named in the article (TikTok, Facebook, Twitter, LinkedIn, and Bing) are exactly that -- figuring out ways to secretly do things / collect data that the user doesn't know or want to occur or be collected.
Exactly. Beat me to it. What could possibly go wrong? And, per usual, when security messes arise Apple will get the blame.