And the secure “lockdown” mode on iOS disables push notifications for exactly this reason. But the vast majority of people don’t use lockdown mode in their day to day, because it kills a lot of the functionality of the phone. Lockdown mode is intended for people who may actually be targeted by laser-focused hacking attempts. Politicians, celebrities, people with high security clearance, etc… It’s not something that the average person would use.
Apple even publishes this as a known vulnerability. It’s due to the way push notifications work. Similar to SMS, push notifications default to unencrypted because there isn’t a single unified system. Each carrier and cell manufacturer handles push notifications differently, so they’re kept unencrypted so that the public encryption key doesn’t get lost during transit; That would just result in scrambled junk messages.
And the secure “lockdown” mode on iOS disables push notifications for exactly this reason. But the vast majority of people don’t use lockdown mode in their day to day, because it kills a lot of the functionality of the phone. Lockdown mode is intended for people who may actually be targeted by laser-focused hacking attempts. Politicians, celebrities, people with high security clearance, etc… It’s not something that the average person would use.
Apple even publishes this as a known vulnerability. It’s due to the way push notifications work. Similar to SMS, push notifications default to unencrypted because there isn’t a single unified system. Each carrier and cell manufacturer handles push notifications differently, so they’re kept unencrypted so that the public encryption key doesn’t get lost during transit; That would just result in scrambled junk messages.