logoalt Hacker News

lou1306today at 3:35 PM3 repliesview on HN

What about a "fake push" that does not leak message contents, sender etc.? Fuzz the time the push notification is sent by a random amount of time and you have something plausibly private given the constraints?


Replies

_heimdalltoday at 3:56 PM

You're still dependent on Apple continuing to allow such a use.

If the goal is messaging that avoids government spying or censorship its a lost cause - the government would simply compel Apple to pull the app in their jurisdiction.

joecottoday at 4:02 PM

Briar is designed to work over 1) tor, 2) ad-hoc wifi, 3) bluetooth. None of those are going to be conducive to sending push notifications through Apple's servers.

thaynetoday at 4:00 PM

That still exposes some metadata. Depending on your threat model, leaking the timing may or may not be a problem.

Also, how do you avoid leaking the sender? You can avoid giving Apple that information by routing the notification through a server, but then that server would know the sender and recipient.