Comment by onionisafruit
2 years ago
If they use IP to deliver notifications, then the gov can demand they hand over the IP address a notification was delivered to. From there, location isn’t hard.
IP geolocation isn’t exactly the most precise though. 600M+ IPs have a default location to some farm in Kansas [1]
[1] https://www.washingtonpost.com/news/morning-mix/wp/2016/08/1...
I should have been more specific. Although they could use IP geolocation, they can also get data from the cell carrier that delivered the notification to that IP address.
So a gov finds that IP address 7.8.9.0 received one of these notifications at 12:34. They then see that 7.8.9.0 is one of ATT’s addresses. They go to ATT and learn that address was used by their customer onionisafruit at 12:34 and the device was 5ms away from tower A.
That's hardly necessary. I think the attack goes like this:
You have captured the device of some group member, and you want to investigate his associates, but you don't know who they are. So you ask Google and Apple: Make a list of all of the devices that have received a push notification sent by <list of messaging apps> where those devices have received at least 200 notifications within 50ms of a notification received by this device. (You will have to make Google or Apple share the list with the target timings with the other.)
That will give you a list of everyone who is in a group chat with your target, regardless of whether or not the messages were deleted or encrypted. Now you tell Apple/Google to give all the data on those accounts. You will probably find enough in their Gmail/location history/browsing history to identify nearly all associated people without ever bothering to look at IP addresses.
This also works if you get into a chat with your target. You send some messages and then have Google/Apple identify their device via timing, then identify all their associates.
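The timing correlation described in the comment above, as an added example that is not part of the thread: a Python sketch over constructed delivery logs showing that delivery timestamps alone separate group members from unrelated devices. The device names, the log layout, the one-week span and the 0-30 ms jitter are assumptions; the 50 ms window and 200-match threshold come from the comment.

```python
import random
from bisect import bisect_left, bisect_right

WINDOW_MS = 50      # "within 50ms", from the comment
MIN_MATCHES = 200   # "at least 200 notifications", from the comment
WEEK_MS = 7 * 24 * 3600 * 1000

def build_sample_log(seed=1):
    """Constructed data: device id -> sorted delivery times (ms)."""
    rng = random.Random(seed)
    group = ["target", "member-1", "member-2"]
    log = {d: [] for d in group + ["bystander-1", "bystander-2"]}
    for _ in range(300):                      # 300 group-chat messages
        sent = rng.randrange(WEEK_MS)
        for d in group:                       # fan-out with 0-30 ms jitter
            log[d].append(sent + rng.randrange(31))
    for d in ("bystander-1", "bystander-2"):  # unrelated traffic
        log[d] = [rng.randrange(WEEK_MS) for _ in range(300)]
    return {d: sorted(ts) for d, ts in log.items()}

def correlated_devices(log, target, window_ms=WINDOW_MS, min_matches=MIN_MATCHES):
    """Count, per device, how many of the target's deliveries have a
    delivery to that device within +/- window_ms; keep those over threshold."""
    result = {}
    for device, times in log.items():
        if device == target:
            continue
        matches = 0
        for t in log[target]:
            lo = bisect_left(times, t - window_ms)
            hi = bisect_right(times, t + window_ms)
            matches += hi > lo                # at least one delivery in window
        if matches >= min_matches:
            result[device] = matches
    return result

if __name__ == "__main__":
    print(correlated_devices(build_sample_log(), "target"))
```

The function never reads message content, only delivery times, which is why encrypting or deleting the messages does not change the result.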
Notifications aren't sent to IP addresses, so none of this matters.