Well that didn’t take long…

• Beeper, the company behind iMessage for Android, faces an outage after Apple cuts off its access.

• The highly anticipated service, which brought blue bubble texts to Android, may have violated Apple’s terms of service.

• Beeper’s access to iMessage was revoked soon after its launch, raising questions about the feasibility of the service.

  • BearOfaTime@lemm.ee
    link
    fedilink
    English
    arrow-up
    40
    ·
    edit-2
    1 year ago

    Well I stand corrected. I didn’t think Apple would do anything, or if they did, it would be a while.

    They’ve done nothing about Beeper Cloud, so I thought they were sitting on their hands. Maybe because those connections are from actual Macs, so harder to isolate and prevent.

    Still going to be entertaining to watch, especially the point about SMS being unencrypted, and the recent article about iMessage having a significant security issue in not having Forward Secrecy, since your RSA key doesn’t change.

    • gedaliyah@lemmy.world
      link
      fedilink
      English
      arrow-up
      20
      arrow-down
      1
      ·
      1 year ago

      Even the CEO of Beeper said there was no way Apple could take them down without interrupting service for iPhone users.

      • BearOfaTime@lemm.ee
        link
        fedilink
        English
        arrow-up
        25
        ·
        1 year ago

        I guess he was wrong!

        Or, maybe he knew he was bluffing a little (I doubt he fully believed they couldn’t do this).

        Like ad blocking, this looks like a cat/mouse game, and this dev looks like he really understands what Apple does. So it should be an interesting thing to watch.

      • BearOfaTime@lemm.ee
        link
        fedilink
        English
        arrow-up
        9
        arrow-down
        1
        ·
        edit-2
        1 year ago

        Not sure I would call it poor encryption. As yet, no one’s cracked that large of an RSA key.

        I’d certainly call it less than advertised, and needing some updates like increase the RSA key, separate the encrypted message from the AES key, and use other mechanisms so it doesn’t have a single point if failure (the RSA key).

        They also need to change the identifiers, since that has a risk of MITM attacks.

        But yea, they’ve had 4 or 5 years and done nothing. That’s BAD.