this post was submitted on 11 Dec 2023
398 points (96.9% liked)

Technology

59169 readers
2325 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Senator Warren calls out Apple for shutting down Beeper's 'iMessage to Android' solution::U.S. Senator Elizabeth Warren (D-Mass.) is throwing her weight behind Beeper, the app that allowed Android users to message iPhone users via iMessage,

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 11 months ago (5 children)

Did Beeper clear its usage of the iMessage platform with Apple? Sign a contract? Get an SLA agreement with Apple in writing?

I was under the impression that they found essentially a back door/work around to latch into the iMessage platform… in that case this is no different than Cisco patching some routers or MS fixing a security hole. If anything I’d be more annoyed that Apple didn’t patch it quicker.

I’d love to be able to use iMessage with my android friends, but Beeper’s methods seemed sketchy as hell.

[–] [email protected] 31 points 11 months ago* (last edited 11 months ago) (1 children)

It was an exploit that mimicked the device as apple hardware, but it wasent sketchy. Everything was still e2ee, with beeper having no access to any data.

It was the exact opposite of what the Nothing "middleman" did that was actually sketchy.

[–] [email protected] 3 points 11 months ago (1 children)

It was an exploit

...

but it wasent sketchy

Ah yes, businesses based on exploits. Very not sketchy.

[–] [email protected] 2 points 11 months ago* (last edited 11 months ago) (1 children)

It wasent a bug in software. As I understand it, they cloned an apple hardware ID.

They basically put on an "Im an apple!" mask and then used iMessage as expected. While an "exploit" it is not inherently a security issue.

Ah yes, businesses based on exploits. Very not sketchy.

Enabling interoperability in purposely walled gardens for the overall greater good of the Internet? Sounds like some good ol' hackers spirit to me. If they make a few bucks while they do it, even better.

Yall realize youre on a tiny, open source network right now that employs the same kind of scrappy "do the right thing because it's right" ethos, yeah? That at some point beeper might be a bridge to things like direct mastadon/iMessage/messenger/whatsapp/matrix compatibility?

Im rooting for them to keep it up.

[–] [email protected] 2 points 11 months ago* (last edited 11 months ago) (1 children)

I think you're conflating two different things when it comes to my comment. While I can agree in spirit, and were someone to release a FOSS version of this that did the same thing, I'd go right along with you on the whole "hacker spirit" thing (like the kid who wrote the original exploit and put it up for free on GitHub), but that's not what is happening here. This:

Enabling interoperability in purposely walled gardens for the overall greater good of the Internet?

is not what's happening, this is Beeper just trying to make money basically selling fake ID's so you can get into the club, and the whole "uwu I'm a wittle startup don't hurt me Apple" is just marketing spin for what I have to imagine was the rather insane assumption on the part of Beeper that they thought they found something that was unpatchable, and/or that they could somehow publicly pressure Apple to not sue them out of existence for what is potentially a crime (laws against hacking usually don't give a shit about the method you use to breech a system, just whether that use is authorized which this is clearly not.) Apple has reasonable claim to financial damage as well, since Beeper is using Apple's servers/bandwidth without approval or compensation. Charitably, Beeper might be hoping that this gets the attention of regulators and they'll legislate opening it up, but that ship has sailed in the EU, and the legal argument for doing it in the states is "we don't like green bubbles" so I wouldn't hold my breath, and even then assuming there is a will in the legislature to do this, I have a hard time seeing how Beeper stays funded long enough to see that law pass.

Anyway, I am not saying this because I personally don't want to see iMessage on Android (realistically I'd like the RCS standards body to get their head out of their asses and relegate iMessage and the various Facebook messengers to irrelevance) what I am saying is that Beeper trying to pretend to be a real business is laughable. Like, this is the type of product I would expect to buy in an alternate App Store with bitcoin or something, not something I would expect a real business to release on purpose with all of the fanfare and 100k's of downloads. It's the technical equivalent of putting up a stand in front of Costco advertising that you're going to print and sell fake cards so you can get into Costco, and you're going to do that by plugging your printer setup into Costco's power to do it. oh, and then when Costco cuts off power, you run an extension cord over to a different outlet. Like, you can argue that you think Costco should do away with membership, but we all see what an insane business plan that would be, right?

edit: This is a really good article from the Verge on the whole thing, but I'm afraid it's more nuanced than "Apple BAD!" so ymmv.

[–] [email protected] 4 points 11 months ago

Finally, some sanity. Just because it’s apple, doesn’t mean it’s okay to build a business model on piggybacking off their service. I know “apple bad” but I don’t get why people are defending Beeper.

[–] [email protected] 11 points 11 months ago (1 children)

I've only heard this particular stance from iPhone users.

Apple has done a stellar job propagandizing their brand as the "Good guys... just looking out for their customer's best interests, is all".

No evidence for this take whatsoever; it's just naked, gullible brand loyalty.

Kind of an amazing phenomenon, if it weren't so sad.

[–] [email protected] 10 points 11 months ago (1 children)

I’ve got both. iOS for work, android for personal use. I’m in DevSecOps and therefore tend to see everything from this sort of mindset. Apple didn’t make a deal with them, they don’t have an open standard. It’s proprietary, it’s locked down. Why would any company with that sort of a product allow another company to interface with their offerings without paying for it? Even if it’s nice and secure, this will add load to the iMessage servers that people aren’t paying Apple for. It could introduce errors/issues they never tested for because they have a closed ecosystem and only have to test with their own devices, a known quantity. It could even increase potential attack vectors.

If you offered wifi to your friends via a guest network and then someone figured out how to connect their whole neighborhood to it, would you be fine with that?

[–] [email protected] 3 points 11 months ago* (last edited 11 months ago) (1 children)

Good points. But, and using your LAN comparison: if my wifi's guest network used some custom method (let's also consider it a proprietary method for the sake of comparison) to, A) impose an arbitrary limit of uploading files no larger than 100KB (and/or have the files heavily compressed to meet said limit) while B) offering no clear method of communication to the non-guest users why this limitation is occuring (or even exists)... I can imagine both guests and non-guests would quickly become irritated and start bickering among themselves as to whose fault this arbitrarily-imposed "local network file sharing problem" should be blamed on.

I don't think it's the guests fault for being arbitrarily limited. And I wish the non-guests could be told why the limitations are imposed.

Because no one behind a trillion dollar company should (in good faith, at least) concern themselves with restricting non-Apple, shareable files to be seen as "just slightly, technically accessible to Apple devices".

These constraints are clearly imposed on Apple users (by no one but Apple) to alienate "non-privileged, non-Apple customers" (them) from the "privileged Apple customers" (us).

And Apple's goal on "finding common ground" seems to be: do not negotiate with any proposed solutions as the division we are creating is intentional.

[–] [email protected] 4 points 11 months ago* (last edited 11 months ago)

Exactly. And this (community reverse engineering / interoperability / bridging etc), isn't something new, it's existed ever since a messaging protocol became popular - remember Trillian, Miranda, etc? Whether proprietary or not, it didn't matter - people were going to find a way to bridge the gap sooner or later. So for Apple to think that this was somehow exclusive to just iPhone users - and that it will stay that way - is a bit shortsighted.

If profit is what they were after, they could've just as easily made an official, secure API and charged for it. I'm sure there's plenty of folks out there willing to pay for iMessage, given how many of them are buying used Mac Minis and iPhones to use as a relay. Apple's shortsightedness is making them miss out on a business opportunity.

[–] [email protected] 8 points 11 months ago

What's the choice? Apple isn't going to license it for all the tea in China.

[–] [email protected] -3 points 11 months ago

It's entirely different in that it was not a vulnerability or exploit of any kind and actually improved the security of Apple's users.