Comment by tantalor
2 years ago
That doesn't make sense. I would expect Signal notifications to happen completely out-of-band with "normal" push notifications (e.g. NYT news alert). Otherwise that completely defeats the purpose of the service. Basically you're saying Apple/Google are MITM'ing Signal.
This is just how push notifications work on iOS and Android. The app requests a push token from the operating system, sends that to its backend and stores it against the user's identity. To send a push a message is sent from the backend to a push service maintained by Apple or Google, who then deliver the push to the phone in question. In the case of Signal, their backend cannot access the message content, so the notification does not contain this, i.e. it's not MITM.
On iOS in particular background modes are finicky and you cannot generally have an continuously poll notifications in the background. Further, if every app did this battery drain would be significant.
I'm not so familiar with Signal, but could you explain why you would expect Signal notifications to happen out-of-band with normal push notifications?
Assuming Signal sends push notifications of some sort, as most messaging services do, that would make them vulnerable to the metadata-level attacks described in this thread.
What kind of "out-of-band" are you thinking of that would mitigate this issue?
Why: because otherwise the service, which is supposed to be private, is no longer private.
I dunno how it would work, maybe something like a third-party push? Why does everything have to be channeled through central service? A service like Signal could operate its own push channel.
Notice how SimpleX (https://simplex.chat/) has no push notifications by default because of this issue.
Apple doesn't support any third-party push platforms, and they are restricted on Android to preserve battery life.
Not using APN I assume, but then you are not allowed(or rather won't pass the review) to publish the app in the App Store.
no, that's not basically it. MITM to me means being able to read the data by placing yourself in the encrypted chain. that's not how push notifications work. they don't need to know the contents of the message
The notification is separate from the message. It absolutely is MITM, just for the notifications, which are messages themselves with real content (you have received a message from so-and-so).
I don't know what you think you are proving here. They did not view the contents of the message. An MITM "attack" would allow them decrypt the content of the message. This is just metadata being used. It's no different than all of the other metadata uses that the TLAs have been using. We've known for a long time (for me since Snowden was the first time I ever even considered it) that metadata can tell us a whole hell of lot about people that is just as much evidence that the actual contents of the message are irrelevant. With metadata alone, you can build up an entire network of people to investigate. You can do that investigation without ever decrypting anything. It's no different from the police following a suspect to see who they meet, and then following that person, and continuing until they find the bigBoss. They can then roll up the entire network in one fail swoop if they so choose.