• noodlejetski@lemm.ee
    link
    fedilink
    arrow-up
    82
    ·
    1 year ago

    Beeper Mini avoids some of those problems because it’s operating in a fundamentally different way. Its developers figured out how to register a phone number with iMessage, send messages directly to Apple’s servers, and have messages sent back to your phone natively inside the app. It was a tricky process that involved deconstructing Apple’s messaging pipeline from start to finish. Beeper’s team had to figure out where to send the messages, what the messages needed to look like, and how to pull them back down from the cloud. The hardest part, Migicovsky said, was cracking what is essentially Apple’s padlock on the whole system: a check to see whether the connected device is a genuine Apple product.

    yeah, I give it until Thursday.

    • fraydabson@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      8
      ·
      edit-2
      1 year ago

      It’s been out for a long time with limited access and nothing yet. Maybe Apple will change their mind toward it when it’s being used by a large group of people finally. Hopefully not.

      Edit: I was wrong. See below.

      • noodlejetski@lemm.ee
        link
        fedilink
        arrow-up
        15
        ·
        1 year ago

        It’s been out for a long time with limited access and nothing yet.

        you’re thinking of regular Beeper, wthich used Macs hosted by the company to relay iMessage messages.

        • atocci@kbin.social
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          That sounds exactly like what what Nothing Chats was shamed for a couple weeks ago, how has Beeper been fairing so well?

          • noodlejetski@lemm.ee
            link
            fedilink
            arrow-up
            17
            ·
            1 year ago

            Beeper’s entire premise is based on decrypting your messages on their servers, re-encrypting them and sending them to you, and pinky promising that they’re not reading them.

            • atocci@kbin.social
              link
              fedilink
              arrow-up
              2
              ·
              1 year ago

              So it really is the exact same thing as Nothing Chats then? I don’t think I trust them any more than Sunbird…

              • beefcat@beehaw.org
                link
                fedilink
                arrow-up
                22
                ·
                1 year ago
                • Beeper can be self-hosted if you have a Mac, so you don’t have to trust their servers
                • Sunbird’s app (Nothing Chat) was riddled with its own security vulnerabilities that allowed users to read other users messages, which were all stored as unencrypted plaintext, all discovered by the community within 24 hours of launch
                • Beeper is actually open about how their technology works and what it’s limitations are, while Sunbird/Nothing basically lied about their product and never provided any meaningful documentation
              • Illiterate Domine@infosec.pub
                link
                fedilink
                English
                arrow-up
                10
                ·
                1 year ago

                The difference, as I understand it, is Beeper hasn’t claimed to not be doing that. Sunbird/Nothing touted E2EE and that was a lie.

                • atocci@kbin.social
                  link
                  fedilink
                  arrow-up
                  8
                  ·
                  1 year ago

                  That makes sense I suppose. A company that doesn’t outright lie about how their service works would have more goodwill behind it, wouldn’t it.

                • beefcat@beehaw.org
                  link
                  fedilink
                  arrow-up
                  6
                  ·
                  edit-2
                  1 year ago

                  It wasn’t just that E2EE was a lie, their own server software was full of its own bugs that allowed third party access to user messages, which were stored unencrypted in their database.

  • Scrubbles@poptalk.scrubbles.tech
    link
    fedilink
    English
    arrow-up
    23
    ·
    1 year ago

    Okay I’m out of the loop, why is iMessage on Android such a big deal? I know that images get compressed but it sounds like Google and Apple are finally working together to draw up a spec there. Besides that it’s… A color difference?

    • lotanis@discuss.tchncs.de
      link
      fedilink
      arrow-up
      21
      ·
      1 year ago

      There’s a massive cultural thing in the US about the iPhone being the preferred phone and if you don’t have one it must be because you’re too poor to afford one. Obviously this is a result of marketing and isn’t universal but it is a surprisingly widely held view.

      Given that, showing up in a group chat as a lone blue bubble marks you out as the inferior group member (in some people’s eyes). It doesn’t matter so much 1:1 but if there are 10 people the odd one out stands out.

      • janguv@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        4
        ·
        1 year ago

        The real issue here is that people in the US are tied to using SMS for real-time chat groups when so many better (and private, and well known) alternatives exist. Thankfully, in Europe, nobody so far as I know ever really uses SMS anymore – whether for single or group chats.

      • snowe@programming.dev
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        Not really a thing. Google is trying to make it seem like there is, but I’ve never met a single person that has ever cared.

    • verdare [he/him]@beehaw.org
      link
      fedilink
      arrow-up
      12
      ·
      1 year ago

      Google and Apple are finally working together

      I think this is the primary reason. Apple only announced working on RCS support very recently. Once that’s out, I don’t really see a place in the market for this.

      And it isn’t just compressed images. MMS doesn’t support reactions, replies, typing indicators, or read receipts because it’s ancient. A proper, standardized replacement has been long overdue.

      Granted, I’ve heard that RCS is currently heavily reliant on Google’s own servers, so it could be argued as to how “open” this really is.

        • verdare [he/him]@beehaw.org
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          I think the currently available apps not being free software is less important than the protocol being open, which is good. It allows for the possibility of FOSS clients in the future. My bigger concern at the moment is if most/all of the actual backend infrastructure is controlled by a single stakeholder.

    • evident5051@lemm.ee
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      The messages app also supports forwarding text messages to other devices.

      We can even ignore the other features of iMessage. This adds a layer of convenience to those who use both iOS and Android.

        • evident5051@lemm.ee
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          1 year ago

          Yes, but it works better for those whose main SIMs are on iPhones. I personally use BlueBubbles at the moment.

  • Zworf@beehaw.org
    link
    fedilink
    arrow-up
    8
    ·
    edit-2
    1 year ago

    It requires a google account though so I can’t use it :(

    I don’t really understand why they insist on that as it doesn’t seem to use google otherwise. I do have google play services, just no account logged in (which is not necessary for things like push to work!)

    • ᗪᗩᗰᑎ@lemmy.ml
      link
      fedilink
      arrow-up
      8
      ·
      1 year ago

      Because they get your profile picture, name, and email address when you click accept. I went through with it just to test, but definitely getting some data from its users.

      • Zworf@beehaw.org
        link
        fedilink
        arrow-up
        4
        ·
        edit-2
        1 year ago

        Yep notifications require google play services installed. They do not require a google account or being signed in to one. It’s based on the device ID alone. I don’t have a google ID on my phone and push messages work just fine.

          • loki@lemmy.ml
            link
            fedilink
            English
            arrow-up
            7
            ·
            edit-2
            1 year ago

            If you use on android apps from the playstore, most apps are built to relay their notifications through Google’s Firebase Cloud Messaging (FCM), so they don’t have to have a background notification listeners running 24/7. It also means less overhead from multiple notification listeners from every app having its own. So yes, if an app is built on top of google play services, it requires “google play services”

            https://en.wikipedia.org/wiki/Firebase_Cloud_Messaging

            If an app says it doesn’t rely on google play services, it uses an alternative notification listener or websockets, which might not be as effective, because Google is inbuilt and won’t kill its own apps, the scale of its infrastructure, and its habit of listening on people’s activity.

            Add in Androids habit of killing background services, and you don’t always get your notification when the app isn’t in the foreground.

            Even Signal from Playstore uses Google Play Services for notifications.

            https://old.reddit.com/r/signal/comments/g217a6/what_can_google_glean_from_signal_using_fcmgcm/

          • Zworf@beehaw.org
            link
            fedilink
            arrow-up
            3
            ·
            1 year ago

            Well, Google firebase notifications do. Either Google play or something comparable like MicroG. It’s possible to run them another way too but not many app backends support that.

            But yes my complaint is exactly that this app requires google.

  • arglebargle@lemm.ee
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    why is iMessage on Android such a big deal?

    Being able to use rich chat features.

    Like what? I know there is a difference in how group chats are handled, but thats a compatibility issue, not a rich chat feature. The only thing I can think of is Apples stupid push for more emojis and even worse Memojis. Otherwise, pics, gifs, emojis work between Apple and Android. Seems like its the green v blue and group chat edits that are the differences.

    But maybe I dont know.

      • FeminalPanda@lemmings.world
        link
        fedilink
        English
        arrow-up
        9
        ·
        1 year ago

        That’s just apple refusing to use rcs, so it changes to sms, which uses the phone connection, not the data connection.

      • BearOfaTime@lemm.ee
        link
        fedilink
        arrow-up
        5
        ·
        1 year ago

        I can send them fine on Verizon SMS, from Android to Apple. Apple decided that sending via SMS, regardless of carrier limit, they get wrecked. When I send the same video back to Android from my iPhone, the video is shit.

        I’ve tested this repeatedly across carriers. Since Verizon doesn’t seem to have an MMS size limit, it makes it pretty clear what’s going on.

        Blame carriers for limiting MMS sizes.

      • SenorBolsa@beehaw.org
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        1 year ago

        They look just fine over RCS. Which everyone else supports and apple could even integrate support for into iMessage.

        Even straight up MMS on most carriers has no limit or a generous enough one that a short clip comes through just fine.

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    🤖 I’m a bot that provides automatic summaries for articles:

    Click here to see the summary

    Earlier this year, a developer slid into Eric Migicovsky’s DMs with a spectacular claim: that he had reverse engineered Apple’s iMessage, allowing any device — Android, Windows, whatever — to send messages as a blue bubble.

    The result, according to Migicovsky, is a third-party implementation of iMessage that is actually secure: Beeper doesn’t see your messages, your contacts, or your Apple ID password.

    Beeper’s CTO, Brad Murray, also spent some time trying to break open the system as if he were an attacker and is publishing his findings.

    At the very least, Beeper has been operating the less secure kind of iMessage relay for nearly three years, and Migicovsky says he hasn’t heard a word from Apple yet.

    The 16-year-old developer who reverse engineered iMessage is now working for Beeper as a contractor; Migicovsky declined to share further details about the student, citing privacy concerns.

    My biggest complaint at the moment is that Beeper Mini doesn’t support SMS and RCS, so this one-day all-in-one app is currently dividing my texting experience in two.


    Saved 85% of original text.

  • SmoochyPit@beehaw.org
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Beeper was pretty dang hyped for its universal chat, I kept seeing it mentioned a while ago while it was in a closed beta.

    • Chris Remington@beehaw.orgOP
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      Because I participated in the closed beta I get Beeper free for life. I’ve been using Beeper now for almost 3.5 years and I love it.

      • miss_brainfart@lemmy.ml
        link
        fedilink
        arrow-up
        5
        ·
        edit-2
        1 year ago

        What is your stance on being able to give encryption keys to a third party without the other participants of a chat consenting, let alone knowing about it?

        If someone in my contacts used bridges, effectively breaking e2ee, I’d want to know about it.

        Ideally, people should not be allowed to do that without informing their contacts, at the very least.