Comment by popcalc
2 years ago
It would indicate that they're lonely and looking for a partner. If you were looking to turn them into an intelligence asset, you could have an officer approach and seduce them.
If it's Grindr instead of Tinder, or if they're married, you have a blackmailing angle. In a lot of countries it would be very effective.
There's no need for notification snooping when these apps are spamming requests to unique subdomains on analytics services and their own APIs. DNS snooping is a much easier method of getting that metadata.
Although I suppose one advantage of push notifications compared to DNS is that they're delivered even when the app isn't open, and more generally they can also serve as a liveness check (successful delivery means your device is online).
Push notifications would be most valuable for p2p metadata (e.g. iMessage key exchange handshake between two users) and, to the degree they can snoop on the message content, obviously that would be valuable.
Just because some apps use insecure but highly identifiable DNS lookups doesn’t mean everyone does, or that DNS-over-HTTPS will never be deployed (iOS shipped support in 2020 and Android was only a couple of years later). There’s a 0% chance that anyone smart would say they should rely on that alone and not develop other sources for that information, and intelligence agencies have hired many smart technical people.
In general, I agree DNS-over-HTTPS is a step in the right direction, in terms of eliminating the low-hanging fruit of snooping over the wire. But it's still the same major companies providing the resolvers. And if you're sending them an NSL for push notifications, you may as well send one for DNS too.
3 replies →