#Privacy: Facebook, TikTok, and Other Apps Use Push Notifications to Send Data about Your iPhone

This video sheds light on a growing practice among data-hungry apps: they use the background execution time that iOS allocates for customizing notifications to send app analytics. Many apps do this. We just picked a few for this demo.

Apps on iOS don't run in the background. iOS doesn't allow apps to run in the background for a variety of reasons, mostly related to privacy and performance. Although iOS allows apps to run a few background tasks, access to background execution time is very restricted. But starting in iOS 10, iOS added a new feature to allow apps to customize push notifications even if they are not running. iOS wakes the app in the background when it receives a notification and allows the app a limited time to customize the notification before it is presented to the user. This includes decrypting an encrypted payload and downloading additional content to enrich the notification. Once the app hands in the customized notification to the system or the background time allocated runs out, the app is terminated.

This feature is now being widely used by data-hungry apps to send analytics during this background time. The analytics include unique signals about the user's device that allow for fingerprinting and tracking users across different apps developed by different developers. Apple does not allow fingerprinting. To counter fingerprinting, Apple is going to require developers to declare why their apps need access to required reason APIs, or APIs that provide signals commonly used for fingerprinting.
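The following is an added example, not code from the video or its authors: one way to check a traffic capture for the behaviour described above, by flagging uploads an app makes shortly after a push is delivered to it while the app is not in the foreground. The record layout, the app and host names, the attribution of each request to an app, and the 30-second default window are all assumptions, and the sample data is constructed.

```python
from datetime import datetime

# Constructed sample data (not taken from the video's captures).
PUSHES = [  # (delivery time, app the notification was addressed to)
    ("2024-01-10T09:00:00", "com.example.social"),
    ("2024-01-10T09:05:00", "com.example.news"),
]
FOREGROUND = [  # (app, session start, session end): the user had the app open
    ("com.example.news", "2024-01-10T09:04:30", "2024-01-10T09:06:00"),
]
REQUESTS = [  # (time, app, host, request body bytes), attributed by the analyst
    ("2024-01-10T09:00:02", "com.example.social", "img.example-cdn.test", 0),
    ("2024-01-10T09:00:04", "com.example.social", "analytics.example.test", 2310),
    ("2024-01-10T09:05:03", "com.example.news", "analytics.example.test", 1800),
    ("2024-01-10T09:20:00", "com.example.social", "analytics.example.test", 900),
]

def ts(s):
    """Parse an ISO 8601 timestamp from the sample records."""
    return datetime.fromisoformat(s)

def in_foreground(app, when, sessions):
    """True if the user had `app` open at time `when`."""
    return any(a == app and ts(start) <= when <= ts(end)
               for a, start, end in sessions)

def flag_background_uploads(pushes, requests, sessions, window_s=30, min_body=1):
    """Return (app, host, bytes, delay) for uploads made inside the post-push
    window while the app was not in the foreground."""
    flagged = []
    for r_time, app, host, body in requests:
        when = ts(r_time)
        # Body-less fetches (e.g. a notification image) and traffic from an
        # app the user is actively using are expected, so skip them.
        if body < min_body or in_foreground(app, when, sessions):
            continue
        for p_time, p_app in pushes:
            delay = (when - ts(p_time)).total_seconds()
            if p_app == app and 0 <= delay <= window_s:
                flagged.append((app, host, body, delay))
                break
    return flagged

if __name__ == "__main__":
    for app, host, body, delay in flag_background_uploads(PUSHES, REQUESTS, FOREGROUND):
        print(f"{app}: {body} bytes to {host} {delay:.0f}s after push")
```

A flagged request is only a candidate for review: the request body still has to be inspected to tell device analytics apart from a legitimate delivery receipt.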

Chapters:

00:00 Introduction
01:44 TikTok
02:26 TikTok Uptime
02:42 Facebook
02:56 Facebook Uptime
03:29 X
04:08 X Uptime
04:23 LinkedIn
05:03 Bing
05:32 Final Words Peppered with Notifications

For more content like this, you can find us here:

#privacy #cybersecurity #iphone #iOS #security #infosec

A few links:
Required Reason APIs:

Apple Notifications:

Notification Service Extension:
Comments

Thank you for these informative videos. I very much appreciate the work that goes into making these!

origamipostit

Thank you so much for pointing this out. These kinds of practices need to end.

laurenzvock

0:34 For those curious. Apps have about 10 to 15 seconds before the device quits the subprocess and just shows the notification as it was received, no processing applied.

tdrg_

I love your channel, I’ve learned a lot of useful information from you. Keep up the good work!

DarkShot-Media

Nice work! What method are you using to bypass SSL Pinning?

StefanAurori

Disabling the notifications prevents this from happening?

alex.figueroa

In the end, you say Apple will soon do something about this. Did they provide a timeline as to when that may be?

Poppin

I’ve kept notifications turned off for a few years on any app that doesn’t need it for this reason. Would be interested to see how other mainstream apps like YouTube, Discord, Telegram, Snapchat, mail clients, etc. behave.

progenitor_amborella

Yep, you’re right! Good damn… Thanks for your work, you’re really a hero!

-anonim-

You can turn off the push notifications

xingyao

Loved the presentation except for the music.

sam.francis

Does blocking the notification stop this?

sam.francis

I’m literally turning off every notification. Unless it’s a person calling or texting me, eff em

maltoNitho

Does the App Privacy Report record any of this?

birn

How much of this information do these apps already have after you installed and opened them once? Seems like the only relevant tracking information is the boot time here; other device-related information they already got, no?

noizz

Is it true that iPhone users can now see if their contacts are ignoring their calls and messages? Example: iPhone user texts Android/iPhone user. Android/iPhone user doesn't respond, but Android/iPhone user continues to use other apps on their phone.

aryalc.h.

I know it's been said, but, like, make a freaking website and/or blog post for this. Just showing a bunch of text in a YouTube video is painful. Also, seeing the full logs of the captures would be nice as well, with anything redacted that should be...

pausmth

I'm never installing a third party app again

Woedric

What app are you using on the Mac to track the network traffic of the iPhone?

MariaGarcia-ynku

Would this data be linked to one’s account and as such technically be part of a GDPR request?

YouTube_Nr.