Using Tor’s Hidden Services To Maximize the Security of Push Notification Services
Push notification, which is also referred to as server push notification, represent the process of delivery of data from a software app to a given computing device, without having to deal with any specific requests from the client.
Apart from pull notifications, which involve requesting data from a given server by the client, push notifications arise from a server. As a rule, the end user chooses whether or not to receive alerts; this usually occurs during the installation process. The end user is provided with means to manage their alerts in case he/she changes their mind in the future.
One of the most essential advantages of push notifications, when mobile computing is considered, lies in the fact that the technology does not need any specific software to be running on a mobile device so that a message would be received. As such, this will enable smartphones to receive and display text messages or social media notifications even if the mobile phone’s screen is locked and the social media’s application, which is pushing the notification, is not running.
Different mobile devices and services depend on various methods to convey push notifications. For instance, iOS developers can use the application programming interface (API) of the Apple Push Notification Services to program their apps to deliver push notifications to iPhones. Alternatively, cloud services of mobile backend as a service (MBaaS) can be utilized to add push notification functionalities to mobile applications.
Push notification technologies provide efficient, energy friendly, store-and-forward messaging services between clients and servers. This communication mode is increasingly gaining popularity, as it is compelling for various mobile devices to the extent that nowadays push notification services are integrated by default into mobile operating systems. Nevertheless, today push notification services give the service provider the opportunity to exercise censorship, undergo location tracing and conduct surveillance. Can utilizing Tor’s network help in loosening the grip of service providers on various push notification services?
Combining Tor’s Hidden Services With Push Notification Technologies:
A group of researchers from the University of Cambridge explored, via their recently published paper, whether or not running a Tor anonymous service from a smartphone can offer an efficient, alternative that promotes high levels of privacy and anonymity. Empirical measurements were conducted in the laboratory, in addition to modeling via means of data extracted from 2 014 mobile handsets in the dataset of the Device Analyzer. The researchers estimated the median cost of mobile data needed to support a Tor anonymous service for a month from a smartphone to be approximately 198 MB.
The researchers also explored the amount of energy required to deploy Tor’s hidden services in push notification services. They estimated the activity of the network to cost approximately 9.6% of the total battery power on a Nexus One smartphone, with a daily charging cycle and using 3G to connect to the internet. They also examined four strategies to reduce the costs of cellular data, which if combined together can reduce the overall monthly median cost to approximately 61 MB.
Accordingly, the research study concluded that implementing Tor’s hidden services to various push notification technologies will heighten the security of transmitted information and markedly reduce the ability of service providers to monitor communications, exercise censorship and pinpoint the location of various users. Setting up Tor’s hidden services that connect to smartphones to help in deanonymization of push notification services will need usage of cellular data across 3G, or later generation, mobile networks which can be relatively costly to some users. Even though the authors of the paper managed to come up with strategies that can reduce the monthly median costs of data transfer to around 61 MB, this can be more or less expensive in some parts of the world, especially in developing countries. Further research is needed to keep this amount to a minimum, which can facilitate the popularization of implementation of Tor network in various push notification services.