It was a waste of time beginning to end. If they were smart, they were doing this for a quick cash grab. If they were dumb, then they legitimately thought this would work long-term.
Whatever their motives are I’m glad it brought the interoperability conversation into the spotlight.
It’s a marketing and publicity stunt, kinda like Nothing’s fiasco with the Sunbird app. The goal is to get people talking about them and come out looking like the good guy underdog vs Apple. To be fair their plan is probably working judging by how many people are jumping out in front of Beeper and condemning “Big Apple”, even though Apple is just doing what any service provider should be doing.
I just don’t understand how anyone could base a company on an exploit. That is what it is in the end - the found an exploit and took advantage of it. Seems like the logical thing would be for apple to immediately close the exploit.
The answer is right there. If Apple wanted iMessage on Android it would be there. It isn’t so they don’t want it.
Beeper isn’t relying on this tho. It’s whole USP is unified messaging and it wants iMessage.
Adversarial interoperability is not exploitative.
Yes it is when they’re not allowed to
Would you characterize reactOS as exploitive?
No, it’s not exploiting any active service for Microsoft
It was a waste of time beginning to end.
Sounded like the original effort was hobby reverse engineering for fun by a smart school kid and then Beeper went ahead and tried to turn it into a product.
It’s almost like when companies try to build a wall, some people will try to break in, even for the sake of it, maybe the thrill of it, even if it worked for a minute.
Whatever their intentions, I’m glad they did. Apple got to strengthen their infrastructure (somewhat, users are still using it with access to a Mac), and it brought messaging interoperability conversation to congress.
People seem to forget Apple founders were doing this shit too. They build a blue box and sold it too.
That’s why nobody thinks the 16 year old who found the method is in the wrong here. It’s really cool they found that, especially at that age. Now to build an entire product off of an exploit while loudly announcing it is just stupid.
And a lot of people went to jail for phreaking, I guess the beeper guys are lucky.
They need to go to the EU and get them to intervene! Only the EU can stand up to apple.
The EU doesn’t care about iMessage. Almost nobody uses that thing over here. Usually Applie die hards try it out after new features have been released, try to convince everyone that it’s the year of iMessage now, and move back to WhatsApp what the vast majority is actually using.
Oh I know… I wasn’t being serious. 😁
Good. I can’t wait to stop hearing about this app and their stupid feud with Apple.
You don’t need iMessage. Your iFriends need RCS. Beeper is not the solution.
And while they wait for RCS, they can just install Signal. Signal works and is funded by a non-profit who puts in more work to know as little as possible about you than any other company/org out there.
i dont want to download another app to talk to one person
Fair, let me buy a new phone to talk to one person instead.
fair. anyone who doesn’t want to install Signal can reach me via text/SMS or RCS. those are the options.
Can signal interact with SMS? I felt like I had issues with that when I used it a couple years ago. May have been me.
@rhythmisaprancer @ijeff @Chozo @KLISHDFSDF @sour
pretty sure they removed sms support
Too bad.
Used to but not anymore. Anything sent over Signal is guaranteed to be secure. SMS/RCS doesn’t provide any guarantees as SMS is not encrypted by default and RCS clients are all closed-source.
deleted
I wish there was like a way to just have a 1-to-1 voice conversation with someone on my phone and it be universally supported across all phones.
RCS is also not a solution
what is the solution then? iMessage become an open platform?
I think the FCC should create a new standard that doesn’t need googles servers.
No, the solution is to rid ourselves of the Plain Old Telephone System, as well as IP-based internet, and move to something that doesn’t rely on a corporation to communicate, is secure for everyone, and is free and open source.
(deleted)
IP-based internet relies on so many corporations, organizations, governments, etc., to play nicely. They hoard IPv4 ranges and let you “rent” out blocks of IPs if you pay them enough. This is not free and open access to the internet.
In order to connect to the internet, you are required to pay an ISP. They then dictate how you can use your service. For some residential ISPs, you aren’t allowed to use certain ports, so you cant host your own services like email, websites, etc. You also have to monitor how much bandwidth you are using to make sure you don’t go over your “data cap”. This is why these centralized services are so big for things like email and web hosting. We’ll get more into data collection here in a bit.
IP-based internet is flawed in that it allows DDoS attacks to take out a server that might be limited on protection. There is no redundancy or self-healing properties built-in that will protect the little guy. You can always subscribe to services like CloudFlare, who will then Man-In-The-Middle your internet traffic. You then have to abide by their terms of service, which is not desirable (especially if new hostile leadership were to come in and take over the company). Also, unless you are paying multiple ISPs for redundant connections to the internet backbone, you are vulnerable to Sybil attacks on your network. If subscribed to a single ISP, and it has downtime, you will have downtime along with them.
Any data sent between one IP to another is not encrypted by default. You have to bolt-on entirely different protocols to have that capability. As a result of that, we ended up with a very splintered implementation of encrypting data-in-transit. There are thousands of messenger applications, transmissions protocols, certificate authorities, etc., that often aren’t compatible with others. They also individually have their own set of issues.
Data collection… Ads… Trackers. Oh my! The end user of most modern websites are connecting to multiple servers, even though they visited a single site. Those users are tracked as they hop website to website. Often, these companies keep a profile on anyone matching that fingerprint. You have no control over that data. If you turn off connections to those servers, the website can become unusable. You can’t seriously say this is the best we can do. Why not have a network that prevents you from being tracked?
IP-based internet? What do you mean by that, how else are we supposed to provide unique addresses for every device on a network?
that’s probably very far in the future
someone is still gonna hold the power anyway
Wgar?
so what? an merger between iMessage, RCS and mms?
We need a standard that’s recognized just like sms. It shouldn’t need any special server from some company
I can’t figure out a response to this
Settling for RCS means no E2EE. It’s also handing control over messaging back to carriers (or most likely, Google, because not many carriers have RCS servers) which is a step backwards.
For all of Apple’s many many faults, iMessage is a pretty good service once you pay the Apple tax to get in.
Doesn’t RCS support E2EE if properly implemented? I seem to recall reading that the spec for RCS supports this, but it’s just that carriers won’t enable it.
No, E2EE is not part of any RCS spec yet. Based on news articles, Apple is implementing RCS but will supposedly ask the governing standards bodies to add E2EE to the spec so they can implement it according to the official specifications.
Google has implemented their own E2EE on top of RCS (based on Signal’s messaging for one to one conversations, based on MLS for group chats), but they haven’t published any specifications for that. It shouldn’t be too hard to reverse engineer, but that shouldn’t be necessary for any open protocol.
Google has implemented their own E2EE on top of RCS (based on Signal’s messaging for one to one conversations, based on MLS for group chats), but they haven’t published any specifications for that.
Ahh, this must be what I was thinking of, then. Thanks for clarifying!
https://support.google.com/messages/answer/10262381?hl=en
E2EE White paper (technical specifications) is listed on this site (pdf)
If you mean this link: that’s a high level description of the protocol, but it leaves out important details.
For example, Google uses MLS for group chats, but the document only mentions the Signal protocol. In other words, E2EE for group chats is broken even if you manage to implement the protocol exactly as they describe.
For example, they say the client “registers with the key server” and “uploads the public key parts”. What server is that? What protocol do we use? HTTPS POST? Do we use form/multipart? Do we encode the key in PEM or do we submit they bytes directly?
Another example: “Key material, digest, and some metadata are encrypted using the Signal session”. Whay do you mean “some”? What algorithm is used to generate the digest?
The document is a nice high level overview, but worthless if you want to implement their protocol. It basically says “we put signal, and send the signal messages over RCS, with out own key servers. Here’s how the Signal protocol works”. If, for example, Ubuntu Touch would like to implement this into their messenger, they’ll need to reverse engineer Google’s Messages app, guided by the description in their whitepaper.
Thanks for this explanation!
It is a really nice app though. I have never even used the iMessage feature.
surprised_pikachu_face.png.jpg
Test
