

How to go from zero to 400,000 push notifications in one day - MProgrammer
http://islandofdoom.com/how-to-go-from-zero-to-400000-push-notifications-in-one-day/

======
ajlburke
Nice post-mortem of a quirky bug. I think we're only going to be getting more
problems as web services can change their APIs instantly, while iOS apps have
a build-test-deploy cycle measured in weeks.

Don't get me started about Facebook

~~~
AUmrysh
I think API versioning is important for this very reason. It's also important
for developers to update their code to run on newer versions of the API so
companies can drop support for the old API eventually.

------
dan1234
I'm pretty surprised that neither Apple nor StackMob had an upper limit for
the number of notifications your account could send or a user's device could
receive within a set time.

I wonder how many users have now uninstalled your app?

------
stickfigure
Do I understand correctly that StackMob lets your iOS client send push
notifications directly to other users?

How does this API prevent spammers from hijacking your app credentials to send
pushes to all your users?

~~~
MProgrammer
They're not sent "directly" -- they go through StackMob's servers. Urban
Airship has a client library that can do the same thing, and it's widely used.

I can see how it's certainly possible for a spammer to do that with hackery,
but there's a mechanism to revoke API keys and so forth if needed.

~~~
stickfigure
Revoking your API key is the equivalent of taking your application offline.
And there's no fix; as soon as you reissue your application (after waiting a
week for Apple's approval) then the spammer has your API key again and can
start sending pushes through StackMob/Urban Airship.

I send a lot of push notifications through my own servers. I made sure that
spammers would have a hard time abusing it by constraining (server-side) who
can send what messages to whom. Unless I'm missing something, StackMob has no
defense against spam whatsoever.

If spammers aren't already abusing this, they will be soon.

~~~
MProgrammer
I think it would help a lot if broadcast were unavailable via the client-side
API. Without broadcast, an attacker would have to find out usernames or device
tokens to push to. I'll suggest that to StackMob and see what they think.
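
Putting the three defences raised in this thread into one server-side relay (the per-account and per-device caps dan1234 expected, the "who can send what to whom" constraint stickfigure describes, and the no-broadcast-from-client-keys rule proposed above). This is an added illustration in Python, not StackMob's, Urban Airship's, or any commenter's code; the limits, key names, device tokens and contact list are constructed assumptions.

```python
from collections import defaultdict, deque

# Constructed limits for this example; a real deployment would tune them.
SENDER_LIMIT = (5, 3600)   # max pushes one client-side sender may originate per hour
DEVICE_LIMIT = (3, 3600)   # max pushes one device may receive per hour, from anyone

class PushGateway:
    """Server-side relay: every push request passes these checks before APNs is called."""

    def __init__(self, devices, contacts, server_keys):
        self.devices = set(devices)          # registered device tokens
        self.contacts = contacts             # sender -> set of devices that sender may push to
        self.server_keys = set(server_keys)  # keys held only by the backend, never shipped in the app
        self.sent = defaultdict(deque)       # sender -> timestamps of accepted pushes
        self.received = defaultdict(deque)   # device -> timestamps of delivered pushes

    @staticmethod
    def _under_limit(log, limit, now):
        count, window = limit
        while log and log[0] <= now - window:   # drop timestamps outside the sliding window
            log.popleft()
        return len(log) < count

    def send(self, api_key, sender, recipients, now):
        """Return (delivered, rejected); rejected maps device -> reason. "*" means broadcast."""
        trusted = api_key in self.server_keys
        delivered, rejected = [], {}
        if recipients == "*":
            if not trusted:
                return [], {"*": "broadcast refused for client key"}
            recipients = sorted(self.devices)
        for dev in recipients:
            if dev not in self.devices:
                rejected[dev] = "unknown device"
            elif not trusted and dev not in self.contacts.get(sender, set()):
                rejected[dev] = "sender not allowed to push to this device"
            elif not trusted and not self._under_limit(self.sent[sender], SENDER_LIMIT, now):
                rejected[dev] = "sender rate limit"
            elif not self._under_limit(self.received[dev], DEVICE_LIMIT, now):
                # This cap is what stops a runaway loop (client or backend) from
                # flooding one phone, regardless of which key made the request.
                rejected[dev] = "device rate limit"
            else:
                self.sent[sender].append(now)
                self.received[dev].append(now)
                delivered.append(dev)
        return delivered, rejected
```

Revoking a leaked client key is then no longer the only lever: a stolen key can reach only the devices its sender relationship allows, at a bounded rate, and each device is capped no matter who is sending.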

------
hackmiester
I wonder if there is any chance of seeing this app on Android. I know it's a
small project and that seems silly, but hell, maybe I want to talk to iPhone
users.

------
StavrosK
TL;DR: It was a bug.

