|
|
|
|
|
|
by gcr
3590 days ago
|
|
|
Why not use Apple's servers to deliver a ping, and then the app checks with your own server what the content of the message should be? That way, you get realtime event notifications without the privacy risk of exposing content to Apple's servers. |
|
|
That same certificate can be used to replace your app on the store, or so on.
Basically, that is your one key to the kingdom.
So, I obviously can’t give everyone who hosts a server for the app that key.
So I have to host a server transmitting all those pings then.
Even ignoring the obvious DDoS risk, and assuming it’s only used in good ways, I end up with having to buy an entire additional server, just for that.
And I still leak metadata, which – as the NSA has shown – can be easily correlated with who is whom if you have enough data.