Apple push notifications are sending data to companies

Surveillance capitalism strikes again!

MajorLinux
MajorLinux - Editor-in-chief
Photo by Charlotte May on Pexels.com

Some time ago, I wrote about Apple spilling the tea on government agencies requesting notification data. While that information was given up by Apple by request, companies have been getting it secretly.

A security research named Tommy Mysk has provided evidence that our push notifications are sending identifiable information through apps.

https://youtu.be/4ZPTjGG9t7s

In the video, he demonstrates how apps like Facebook, TikTok, Twitter, LinkedIn, and Bing are using an iOS feature to collect the data. The feature was introduced in iOS 10 to allow apps to run a bit of code to customize notifications. The apps mentioned earlier use that code execution to get data about you and your phone.

This move is not permitted by Apple in anyway. Apple does go out of its way to catch when apps are collecting data. With iOS 14.5, it introduced App Tracking Transparency. That was put in place to ask users if they would like their data to be collected. This workaround seems to circumvent that question and allows companies to collect the data anyway.

It’s bad enough that it is being used by apps that would no doubt love to serve you ads, imagine if a malicious actor did it. They make an innocent looking app to get through the review process. After it gets approved, people begin downloading the app and things start happening through the notifications.

Hopefully, now that this is out, Apple can fix it or at least be aware that this is happening and block apps that abuse it.

Source: MacRumors

Share This Article
By MajorLinux Editor-in-chief
Follow:
Marcus Summers is a Linux system administrator by trade. He has been working with Linux for nearly 15 years and has become a fan of open source ideals. He self identifies as a socialist and believes that the world's information should be free for all.
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *