this post was submitted on 11 Dec 2023
17 points (90.5% liked)

Apple

17467 readers
301 users here now

Welcome

to the largest Apple community on Lemmy. This is the place where we talk about everything Apple, from iOS to the exciting upcoming Apple Vision Pro. Feel free to join the discussion!

Rules:
  1. No NSFW Content
  2. No Hate Speech or Personal Attacks
  3. No Ads / Spamming
    Self promotion is only allowed in the pinned monthly thread

Lemmy Code of Conduct

Communities of Interest:

Apple Hardware
Apple TV
Apple Watch
iPad
iPhone
Mac
Vintage Apple

Apple Software
iOS
iPadOS
macOS
tvOS
watchOS
Shortcuts
Xcode

Community banner courtesy of u/Antsomnia.

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
17
Beeper’s iMessage app for Android is back — but it’s a downgrade (www.theverge.com)
submitted 11 months ago by [email protected] to c/[email protected]
12 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 17 points 11 months ago (1 children)

Beeper is also responding to Apple’s initial statement that its app, which is based on a reverse engineering of the iMessage protocol, comes with potential risks to user privacy and security. “We deeply object to the allegation,” the company wrote, and it’s willing to share Beeper Mini’s entire codebase “with a mutually agreed upon third-party security research firm” to analyze the app for any issues.

Beeper is kind of missing the point here. Apple is not shutting it down because Beeper could do anything bad to its users — these are Android users that might not even own an Apple device. Rather, Apple is shutting it down because other people could use similar exploit (the POC appears to use an unsigned device certificate for device authentication) to send phishing / spam messages to the Apple iOS/macOS users at large. With the exploit taken away, it is harder for bad actors to leverage the same channel to attack regular users because without third party means to do this, bad actors would have to find other ways to automate attacks on a much more restricted device.

[–] [email protected] 12 points 11 months ago (1 children)

Exactly.

If you want to be mad about Apple not opening iMessage up, be mad that they don’t have an SDK, API, etc for non-Apple developers.

Don’t be mad that they’re plugging exploits that people decided to turn into a product.

[–] [email protected] 2 points 11 months ago* (last edited 11 months ago)

If you want to be mad about Apple not opening iMessage up, be mad that they don’t have an SDK, API, etc for non-Apple developers.

There might have been anger in the beginning but after 10+ years it's just kinda disappointment.

The only reason anybody is trying to make it a product is because there is demand and they think people will pay if they can deliver.