[mason55]

Sounds like you're responsible for ensuring that your app only sends broadcasts when appropriate. If you create an app that lets end users send push notifications to an arbitrary list of users then that's on you for allowing it to happen.

[stickfigure]

If the iOS application decides who to send messages to and what the content of the message should be, then anyone who downloads the app now has the ability to spam to any other user just by extracting the API key out of the binary and using the StackMob API directly.