Comment by keepamovin
2 years ago
If you were able to do this, and you also had control of the person's ISP/cell network (not unusual for the threat model here), then one thing you could do is interfere with their communications, "shadowbanning" them from their friends/contacts. Say you used a particular app, like LINE, to speak to one particular friend who your "benefactors" didn't want you speaking with, they could drop connections between your device and that app's servers whenever they intercept a push notification from Google or Apple targeted to that app on your device. Effectively preventing the two parties ever communicating.
Depending on specifics, it seems it would be possible to do this cleverly, so the app still thinks it's connected, but just never receives these messages.
I'm not an expert on this, it just seems a plausible possibility. Best effort response to your question! :)
This would only work if the protocol doesn’t have the concept of retries, which it does. They’d have to block all communications which would be highly noticeable - especially since you’d get a flurry of messages any time you opened the app or migrated onto a Wi-Fi network.
I suppose it depends on which protocol, and which app, we're talking about, but... Interesting. Good analysis!
It's conceivable that connectivity checks flow to other servers than delivery traffic, and these are passed-through. Although addressing your more general critique of the "flurry" (good word! :)) requires noting that accomplishing this capability would involve compromising the app's servers. Such backdoors are again not outside the realm of possibility in the given threat model.
Do you see any possibilities for interference in the push interception capability described?