Does anyone know where the vulnerabilities are in Apple's APN push notification services?
We can ensure that our notifications are sent securely to Apple, so we just need to know whether they can be intercepted from that point.
Motivation: We have built an iOS messaging app that we are making as a 100% secure solution, with some features that have never been exploited before in security.
iMessage makes extensive use of the Apple Push Notification service (APNs). Apple doesn't log the contents of messages or attachments, which are protected by end-to-end encryption so no one but the sender and receiver can access them. Apple can't decrypt the data.
Push notifications authenticate the user by confirming that the device registered with the authentication system – typically a mobile device – is in fact in the user's possession. If the device is compromised by an attacker, then push notifications are compromised.
If you allow notifications on your iPhone from every app you use, you may spend more time checking your notifications than getting things done. While some notifications can be very important – phone calls and text messages, for example – too many notifications is bad for our sanity.
Apple released the UNNotificationServiceExtension last year, allowing developers to send fully-encrypted notification payloads through APNS and then let the app on the end-user's device itself do the decryption (or load any additional supporting data) before displaying the notification:
The UNNotificationServiceExtension class provides the entry point for a Notification Service app extension, which lets you customize the content of a remote notification before it is delivered to the user. A Notification Service app extension does not present any UI of its own. Instead, it is launched on demand when a notification of the appropriate type is delivered to the user’s device. You use this extension to modify the notification’s content or download content related to the extension. For example, you could use the extension to decrypt an encrypted data block or to download images associated with the notification.
My team is investigating this further as a means to send useful notifications in a fully HIPAA-compliant manner, with no ability for Apple to see the plaintext of the notification. We're optimistic.