132

Well that didn't take long...

• Beeper, the company behind iMessage for Android, faces an outage after Apple cuts off its access.

• The highly anticipated service, which brought blue bubble texts to Android, may have violated Apple's terms of service.

• Beeper's access to iMessage was revoked soon after its launch, raising questions about the feasibility of the service.

top 7 comments
sorted by: hot top controversial new old
[-] BearOfaTime@lemm.ee 40 points 11 months ago* (last edited 11 months ago)

Well I stand corrected. I didn't think Apple would do anything, or if they did, it would be a while.

They've done nothing about Beeper Cloud, so I thought they were sitting on their hands. Maybe because those connections are from actual Macs, so harder to isolate and prevent.

Still going to be entertaining to watch, especially the point about SMS being unencrypted, and the recent article about iMessage having a significant security issue in not having Forward Secrecy, since your RSA key doesn't change.

[-] gedaliyah@lemmy.world 19 points 11 months ago

Even the CEO of Beeper said there was no way Apple could take them down without interrupting service for iPhone users.

[-] BearOfaTime@lemm.ee 25 points 11 months ago

I guess he was wrong!

Or, maybe he knew he was bluffing a little (I doubt he fully believed they couldn't do this).

Like ad blocking, this looks like a cat/mouse game, and this dev looks like he really understands what Apple does. So it should be an interesting thing to watch.

[-] Pregnenolone@lemmy.world 16 points 11 months ago

Probably not a good idea to underestimate a multiple trillion dollar company

[-] LWD@lemm.ee 9 points 11 months ago* (last edited 11 months ago)
[-] BearOfaTime@lemm.ee 8 points 11 months ago* (last edited 11 months ago)

Not sure I would call it poor encryption. As yet, no one's cracked that large of an RSA key.

I'd certainly call it less than advertised, and needing some updates like increase the RSA key, separate the encrypted message from the AES key, and use other mechanisms so it doesn't have a single point if failure (the RSA key).

They also need to change the identifiers, since that has a risk of MITM attacks.

But yea, they've had 4 or 5 years and done nothing. That's BAD.

[-] noodlejetski@lemm.ee 7 points 11 months ago
this post was submitted on 08 Dec 2023
132 points (95.8% liked)

Technology

59670 readers
2889 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS