Push Notification glitch causing IM misrouting | iLounge News

2014 iPad iPhone iPod Buyers' Guide from iLounge.com

News

Push Notification glitch causing IM misrouting

Author's pic

By Charles Starrett

Contributing Editor
Published: Tuesday, July 21, 2009
News Categories: iPhone

A new problem with Apple’s Push Notification service and hacked iPhones is causing AIM messages to be sent to unknown/random recipients without the user’s knowledge. Till Shadde, CEO of Equinux, discovered the glitch by sending an AIM from his Mac to his iPhone, only to get a response back from an unknown user. According to his Twitter stream, the problem manifests itself when sending a message to a hacked iPhone containing the Push Notification service hack, Shaddde claims that any message sent to a hacked iPhone running the Push hack “seems to be broadcasted to all hacked phones.” Apple is believed to be actively blocking Push Notification service on hacked or unlocked iPhones.

« Foxconn employee commits suicide after losing new iPhone prototype

Klipsch intros Image S4i In-Ear Headset »

Related Stories

Comments

1

You should re-title this article.  Push notifications for non-hacked iPhones is fine.  This is how bad info is propagated.  And non-techie users start to believe there may be a problem.


At the very least, lead off the story that it only applies to hacked iPhones for push!

Posted by Joel on July 21, 2009 at 11:15 AM (PDT)

2

Really, what do you expect?

I’m sure the push service works on a system of unique ID’s for each iPhone device being registered with the notification server. I would imagine somewhere along the hacking process there is a single ID being propagated to each iPhone device in the hack code. This would explain the one message to multiple devices issue which will not be an issue for regular users.

That said however, this could mean that there is a potential for a hacker to configure their phone to spoof any number of iPhones and receive the respective iPhones push notification???

Posted by Mark on July 21, 2009 at 12:13 PM (PDT)

3

@Mark: If the push notifications are using public-key encryption, then the issue is that the jailbroken phones are all using the same key pair; if a hacker has your private key, then yes, they can spoof your iPhone and get your push notifications…but it’s not as simple as just “configuring their phone”.

Posted by ckd on July 22, 2009 at 9:57 AM (PDT)

4

Although I haven’t looked into the specifics of this particular issue (yet), from what I understand of the Apple activation procedures, the iTunes-iPhone handshake that occurs when you first connect your new device to iTunes issues a public/private key pair that is unique to your device.  Hacked/jailbroken iPhones have not gone through the normal iTunes activation process, since iTunes would naturally refuse to activate them without a valid SIM card and carrier account.

This was the same problem people had getting YouTube to work back in the early days of jailbreaking the first-generation iPhone. Many users of unlocked/jailbroken iPhones discovered that the YouTube app wouldn’t work at all.  The problem is that the iPhone authenticates to YouTube using the certificate/key set that generated during the iTunes activation process.  The workaround in this case was to supply a generic certificate for all of the jailbroken iPhones to access YouTube.  This of course worked without any real consequences since YouTube didn’t really care about the certificates being device-specific.

The also goes back to the question of whether Apple was ever actively blocking push notifications on hacked iPhones, any more than they were actively blocking YouTube two years ago.  If Push Notifications require an Apple-issues certificate, and hacked iPhones don’t actually have the certificate because they weren’t activated by iTunes, then they won’t receive push notifications simply because they’re missing the necessary credentials to communicate with Apple’s push notification servers.

Posted by Jesse Hollington in Toronto on July 22, 2009 at 10:22 AM (PDT)

If you have a comment, news tip, advertising inquiry, or coverage request, a question about iPods/iPhones/iPad or accessories, or if you sell or market iPod/iPhone/iPad products or services, read iLounge's Comments + Questions policies before posting, and fully identify yourself if you do. We will delete comments containing advertising, astroturfing, trolling, personal attacks, offensive language, or other objectionable content, then ban and/or publicly identify violators.

Commenting is not available in this section entry.

Email:

Recent News

Recent Reviews

Recent Articles

Shop for Accessories: Cases, speakers, chargers, etc.