Remix.run Logo
lou1306 2 hours ago

What about a "fake push" that does not leak message contents, sender etc.? Fuzz the time the push notification is sent by a random amount of time and you have something plausibly private given the constraints?

_heimdall 2 hours ago | parent | next [-]

You're still dependent on Apple continuing to allow such a use.

If the goal is messaging that avoids government spying or censorship its a lost cause - the government would simply compel Apple to pull the app in their jurisdiction.

joecot 2 hours ago | parent | prev | next [-]

Briar is designed to work over 1) tor, 2) ad-hoc wifi, 3) bluetooth. None of those are going to be conducive to sending push notifications through Apple's servers.

thayne 2 hours ago | parent | prev [-]

That still exposes some metadata. Depending on your threat model, leaking the timing may or may not be a problem.

Also, how do you avoid leaking the sender? You can avoid giving Apple that information by routing the notification through a server, but then that server would know the sender and recipient.