Well that didn’t take long…

• Beeper, the company behind iMessage for Android, faces an outage after Apple cuts off its access.

• The highly anticipated service, which brought blue bubble texts to Android, may have violated Apple’s terms of service.

• Beeper’s access to iMessage was revoked soon after its launch, raising questions about the feasibility of the service.

  • @[email protected]
    link
    fedilink
    English
    40
    edit-2
    1 year ago

    Well I stand corrected. I didn’t think Apple would do anything, or if they did, it would be a while.

    They’ve done nothing about Beeper Cloud, so I thought they were sitting on their hands. Maybe because those connections are from actual Macs, so harder to isolate and prevent.

    Still going to be entertaining to watch, especially the point about SMS being unencrypted, and the recent article about iMessage having a significant security issue in not having Forward Secrecy, since your RSA key doesn’t change.

    • @gedaliyah
      link
      English
      191 year ago

      Even the CEO of Beeper said there was no way Apple could take them down without interrupting service for iPhone users.

      • @[email protected]
        link
        fedilink
        English
        251 year ago

        I guess he was wrong!

        Or, maybe he knew he was bluffing a little (I doubt he fully believed they couldn’t do this).

        Like ad blocking, this looks like a cat/mouse game, and this dev looks like he really understands what Apple does. So it should be an interesting thing to watch.

      • @Pregnenolone
        link
        English
        161 year ago

        Probably not a good idea to underestimate a multiple trillion dollar company

      • @[email protected]
        link
        fedilink
        English
        8
        edit-2
        1 year ago

        Not sure I would call it poor encryption. As yet, no one’s cracked that large of an RSA key.

        I’d certainly call it less than advertised, and needing some updates like increase the RSA key, separate the encrypted message from the AES key, and use other mechanisms so it doesn’t have a single point if failure (the RSA key).

        They also need to change the identifiers, since that has a risk of MITM attacks.

        But yea, they’ve had 4 or 5 years and done nothing. That’s BAD.