Investigators seek push notification metadata in 130 cases - eviltoast

“App developers can encrypt these messages when they’re stored (in transit they’re protected by TLS) but the associated metadata – the app receiving the notification, the time stamp, and network details – is not encrypted.”

  • RandoCalrandian@kbin.social
    link
    fedilink
    arrow-up
    2
    ·
    8 months ago

    This.

    If there’s a notification for an encrypted group chat, you can use that metadata to identify the devices of all parties involved in that chat, because the push system has to queue all that up and send it at the same time.

    That’s just one valuable use of this data.