Security researcher Tommy Mysk discovered a method for leaking information from iPhones, which are known to be relatively successful in protecting data. While this technique uses notifications from applications, those who “circumvent” Apple’s confidentiality rules are not the only ones who develop the applications.
The usual suspects are together again: Meta, TikTok, X…
According to investigations conducted by Mysk Inc, Tommy Mysk’s company, many applications, especially Facebook, LinkedIn, TikTok and X/Twitter, collect user data through notifications. Thus, companies can access user information even if the applications are closed. It is known that many people close applications to preserve the battery of their phones and prevent data collection in the background. The technique of collecting information from notifications goes around these formulas.
According to security researchers, companies collect information during the application of the short background prompt given for notification personalization. This information is also added to data pools by companies for analysis. Under normal circumstances, Apple does not allow applications that are not started by the user to run, but since iOS 10, programs are active for a very short time when notifications are removed. Thus, data related to the notification is transmitted. In this short moment, many companies have already collected personal data.
Among this information, there is also software and hardware information of the device, data that will allow monitoring of users, and even information that will allow monitoring interactions with other applications. Apple seems to be tightening its grip on this issue in future iOS updates.