I believe this is misunderstanding how the entitlement works. My belief is that you submit the list of SSIDs to Apple at the time of app review and it can only be changed with an update. I don’t think there’s any support for a dynamic list.
It does say that it has to be in code, but then it goes on to talk about copying in an ssid at runtime and commenting on typing in an ssid even in the last sentence.
I was hoping to make it clear that it is not actually in code (ie swift or objectives), it is an entitlements file which is a block of unchangeable data created at dev time and signed by Apple before it goes on the App Store.
"While I haven’t tested the beta myself, it appears it gets to run the whole time you’re on that SSID and it can implement whatever protocol it wants to talk to your proprietary server."
I'm currently in quarantine in a Singapore hotel and the government forced me to install a location tracking app on my phone.
For several reasons that I won't go into, I've come to think that they have issues where the app is being killed by iOS for a lot of people.
Although iOS background killing is obscure, it's well known that background service would definitely get killed(at max ~3 mins?), the behaviour is same across all devices and different OS iterations.
But in Android, apart from default doze, battery optimisation feature, each manufacturer implement their own aggressive app killing services and so managing background tasks becomes very hard. At least in recent versions of Android, app developer can navigate the user to disable battery optimisation for their app if needed, which would affect default system behaviour but out of luck if the manufacturer implements their own app killer.
Unfortunately, I didn't see any of the contact tracing apps of several countries explicitly asking users to disable battery optimisation/app killers or whitelist bg task permission for their apps and I think that's one of the main reasons for the supposed failure of contact tracing apps.
The app doesn't get killed that quickly because it has location services on in the background. It's the same reason that Google Maps doesn't get killed in the background when it's giving you directions. iOS prompts for permission, but the authorities gave us instructions to grant such permissions.
That being said, it is thee case that if you open sufficient apps (especially memory hungry ones) the app will be killed regardless.
I've resigned to manually bringing the app to the foreground every now and then in an attempt to reduce the number of phone calls I get from the government to a minimum (currently 1-2 per day).
So this is maybe (probably?) unrelated, but when touching down on an airplane, I always start getting push notifications even before joining the local WiFi etc. What's going on there? Am I imagining this or does it actually happen?
I often toggle mobile data on my phone when I'm away from WiFi, and I also noticed that even when mobile data is off, sometimes push notifications come through. It's hard to explain the conditions when it has happened, but it's uncanny when it happens.
(I work for a company that provides guest WiFi services in public spaces.)
It's usually not that those specific services are whitelisted, but that a number of hostnames have to be whitelisted for the user experience. Sometimes, those hostnames include those types of services, depending on the phone, OS, carrier, etc.
I know for sure, push notification can come through airport wifi (the ones that you need to log in), even when you are not logged in. It may be something to do with notification via IP address instead of hostname.
Can someone who has dived into the code on iOS/Darwin or Android/Linux kernel verify this?
Fond memories of Novell Netware's BROADCAST command... I discovered it as I was exploring the (then unknown to me) Netware client on Microsoft Windows 3.x, I tried something like BROADCAST "Nuclear strike inbound". Then, in the university's computer lab, I saw some puzzled heads rise and some look askingly at their neighbor... The command had performed as designed: Netware had beautifully, and to my horrified stupefaction, sent the message to the whole network of a large university, with a pop-up on each workstation... I grabbed my bag and got the hell out of there - in the hallway I crossed a sysadmin running in the opposite direction... For a few weeks I made myself very discreet and avoided the computer labs - the sysadmin of course knew and asked me if I had done or noticed anything unusual, which I stupidly denied but he was kind enough to let it pass.
Ah, NET SEND. The first time I ever got in trouble at school. For punishment they made me start an after school computer club, run by the IT admin who I’d embarrassed.
When I got to university I knew NET SEND only from ad-hoc networks with my buddies. On one of my first days in the CIP I wondered if it worked the same way in a real professional network. Never expected it to, so I tried it - just to proof my expectations. The shock came when the whole hall beeped in unison. Other than you, I sat there and desperately tried to act normal in the best Mister Bean fashion. Luckily no one cared, so all was good.
I had a similar experience a little later when I tried if I could reach the webserver I had started on the uni workstation from my home. To my big surprise it worked and I figured if I could reach it from my home, everyone could from everywhere. This was a big wonder for me. Of course, back then nothing was NATed and not much was firewalled.
My brain jumped to "net send" - in the good old times, it was not restricted to the LAN but also possible to tell someone over the open internet, they were sending out viruses via email. I think that was still possible with Windows 2000.
25 comments
[ 2.7 ms ] story [ 65.6 ms ] threadI was hoping to make it clear that it is not actually in code (ie swift or objectives), it is an entitlements file which is a block of unchangeable data created at dev time and signed by Apple before it goes on the App Store.
I'm currently in quarantine in a Singapore hotel and the government forced me to install a location tracking app on my phone.
For several reasons that I won't go into, I've come to think that they have issues where the app is being killed by iOS for a lot of people.
It sounds like this would solve that 'problem'.
But in Android, apart from default doze, battery optimisation feature, each manufacturer implement their own aggressive app killing services and so managing background tasks becomes very hard. At least in recent versions of Android, app developer can navigate the user to disable battery optimisation for their app if needed, which would affect default system behaviour but out of luck if the manufacturer implements their own app killer.
Unfortunately, I didn't see any of the contact tracing apps of several countries explicitly asking users to disable battery optimisation/app killers or whitelist bg task permission for their apps and I think that's one of the main reasons for the supposed failure of contact tracing apps.
That being said, it is thee case that if you open sufficient apps (especially memory hungry ones) the app will be killed regardless.
I've resigned to manually bringing the app to the foreground every now and then in an attempt to reduce the number of phone calls I get from the government to a minimum (currently 1-2 per day).
If no: i would say no. But if you get an alert popup, it can be mechanism like mobile sending generic alerts for tornado and stuff
It's usually not that those specific services are whitelisted, but that a number of hostnames have to be whitelisted for the user experience. Sometimes, those hostnames include those types of services, depending on the phone, OS, carrier, etc.
Can someone who has dived into the code on iOS/Darwin or Android/Linux kernel verify this?
https://ss64.com/nt/net-send.html
I had a similar experience a little later when I tried if I could reach the webserver I had started on the uni workstation from my home. To my big surprise it worked and I figured if I could reach it from my home, everyone could from everywhere. This was a big wonder for me. Of course, back then nothing was NATed and not much was firewalled.
Those were the times and fun times indeed.