25 comments

[ 2.7 ms ] story [ 65.6 ms ] thread
I believe this is misunderstanding how the entitlement works. My belief is that you submit the list of SSIDs to Apple at the time of app review and it can only be changed with an update. I don’t think there’s any support for a dynamic list.
(comment deleted)
The article explicitly says the SSIDs need to be written in code and that there is no dynamic mechanism.
It does say that it has to be in code, but then it goes on to talk about copying in an ssid at runtime and commenting on typing in an ssid even in the last sentence.

I was hoping to make it clear that it is not actually in code (ie swift or objectives), it is an entitlements file which is a block of unchangeable data created at dev time and signed by Apple before it goes on the App Store.

"While I haven’t tested the beta myself, it appears it gets to run the whole time you’re on that SSID and it can implement whatever protocol it wants to talk to your proprietary server."

I'm currently in quarantine in a Singapore hotel and the government forced me to install a location tracking app on my phone.

For several reasons that I won't go into, I've come to think that they have issues where the app is being killed by iOS for a lot of people.

It sounds like this would solve that 'problem'.

Although iOS background killing is obscure, it's well known that background service would definitely get killed(at max ~3 mins?), the behaviour is same across all devices and different OS iterations.

But in Android, apart from default doze, battery optimisation feature, each manufacturer implement their own aggressive app killing services and so managing background tasks becomes very hard. At least in recent versions of Android, app developer can navigate the user to disable battery optimisation for their app if needed, which would affect default system behaviour but out of luck if the manufacturer implements their own app killer.

Unfortunately, I didn't see any of the contact tracing apps of several countries explicitly asking users to disable battery optimisation/app killers or whitelist bg task permission for their apps and I think that's one of the main reasons for the supposed failure of contact tracing apps.

The app doesn't get killed that quickly because it has location services on in the background. It's the same reason that Google Maps doesn't get killed in the background when it's giving you directions. iOS prompts for permission, but the authorities gave us instructions to grant such permissions.

That being said, it is thee case that if you open sufficient apps (especially memory hungry ones) the app will be killed regardless.

I've resigned to manually bringing the app to the foreground every now and then in an attempt to reduce the number of phone calls I get from the government to a minimum (currently 1-2 per day).

So this is maybe (probably?) unrelated, but when touching down on an airplane, I always start getting push notifications even before joining the local WiFi etc. What's going on there? Am I imagining this or does it actually happen?
I often toggle mobile data on my phone when I'm away from WiFi, and I also noticed that even when mobile data is off, sometimes push notifications come through. It's hard to explain the conditions when it has happened, but it's uncanny when it happens.
Out of airplane mode or not? If yes: yeah why not, perhaps your mobile network was able to get something in or you catched a wifi short term.

If no: i would say no. But if you get an alert popup, it can be mechanism like mobile sending generic alerts for tornado and stuff

Google and Apple push notification services are often whitelisted in WiFi networks so they work before you "sign in" to the network.
This sounds like the most reasonable explanation as I have data roaming off (and am always flying between countries)
(I work for a company that provides guest WiFi services in public spaces.)

It's usually not that those specific services are whitelisted, but that a number of hostnames have to be whitelisted for the user experience. Sometimes, those hostnames include those types of services, depending on the phone, OS, carrier, etc.

I know for sure, push notification can come through airport wifi (the ones that you need to log in), even when you are not logged in. It may be something to do with notification via IP address instead of hostname.

Can someone who has dived into the code on iOS/Darwin or Android/Linux kernel verify this?

You're maybe getting them through the mobile network instead of wifi ?
Fond memories of Novell Netware's BROADCAST command... I discovered it as I was exploring the (then unknown to me) Netware client on Microsoft Windows 3.x, I tried something like BROADCAST "Nuclear strike inbound". Then, in the university's computer lab, I saw some puzzled heads rise and some look askingly at their neighbor... The command had performed as designed: Netware had beautifully, and to my horrified stupefaction, sent the message to the whole network of a large university, with a pop-up on each workstation... I grabbed my bag and got the hell out of there - in the hallway I crossed a sysadmin running in the opposite direction... For a few weeks I made myself very discreet and avoided the computer labs - the sysadmin of course knew and asked me if I had done or noticed anything unusual, which I stupidly denied but he was kind enough to let it pass.
I came a bit later than you I suspect but I had a similar experience in my middle school computer lab with NET SEND.

https://ss64.com/nt/net-send.html

I had completely forgotten about this, thank you! I had so much fun with Net Send in my primary school computer lab.
Ah, NET SEND. The first time I ever got in trouble at school. For punishment they made me start an after school computer club, run by the IT admin who I’d embarrassed.
I used to have silly amounts of fun with Broadcast in Netware in the office - mainly to announce it was time for Friday drinks down the pub.
When I got to university I knew NET SEND only from ad-hoc networks with my buddies. On one of my first days in the CIP I wondered if it worked the same way in a real professional network. Never expected it to, so I tried it - just to proof my expectations. The shock came when the whole hall beeped in unison. Other than you, I sat there and desperately tried to act normal in the best Mister Bean fashion. Luckily no one cared, so all was good.

I had a similar experience a little later when I tried if I could reach the webserver I had started on the uni workstation from my home. To my big surprise it worked and I figured if I could reach it from my home, everyone could from everywhere. This was a big wonder for me. Of course, back then nothing was NATed and not much was firewalled.

Those were the times and fun times indeed.

My brain jumped to "net send" - in the good old times, it was not restricted to the LAN but also possible to tell someone over the open internet, they were sending out viruses via email. I think that was still possible with Windows 2000.
"net send" is also supported on Windows XP, but it's disabled by default since SP3.
We at Home Assistant will be applying for the entitlement for our (open source) iOS app.