- cross-posted to:
- pulse_of_truth@infosec.pub
- cross-posted to:
- pulse_of_truth@infosec.pub
“App developers can encrypt these messages when they’re stored (in transit they’re protected by TLS) but the associated metadata – the app receiving the notification, the time stamp, and network details – is not encrypted.”
That’s actually a really good point I hadn’t thought of. I still think other data would be more useful, but your example is the first one I’m hearing that maybe could have work if they had no other data to work with